4 matches found
CVE-2019-19458
SALTO ProAccess SPACE 5.4.3.0 has a Directory Traversal vulnerability in the Data Export feature (CVE-2019-19458). Exploitation can enable an attacker to write arbitrary content to arbitrary files under the web root; in practice, this can lead to executing arbitrary commands on the server per rel...
CVE-2019-19460
SALTO ProAccess SPACE 5.4.3.0 is affected by CVE-2019-19458 (Directory Traversal in Data Export) and CVE-2019-19459 (arbitrary file writes and command execution on the server). These flaws allow an attacker to write arbitrary content to arbitrary files, with exploitation demonstrated against the ...
CVE-2019-19457
CVE-2019-19457 affects SALTO ProAccess SPACE, specifically version 5.4.3.0, which is vulnerable to cross-site scripting due to insufficient validation of client data by the WEB application. Public records (NVD, Red Hat, RH) corroborate the XSS flaw for this release. The SEC Consult advisory indic...
CVE-2019-19459
The SALTO ProAccess SPACE 5.4.3.0 vulnerability set includes CVE-2019-19458 (Directory Traversal in Data Export) and CVE-2019-19459 (arbitrary file write). The root cause is the ability to write arbitrary content to arbitrary files, enabling potential command execution. The web server runs as a W...