CVE-2019-20049

CVE-2019-20049

An issue was discovered on Alcatel-Lucent OmniVista 4760 devices. A remote unauthenticated attacker can chain a directory traversal (which helps to bypass authentication) with an insecure file upload to achieve Remote Code Execution as SYSTEM. The directory traversal is in the __construct() whereas the insecure file upload is in SetSkinImages().

Source: CVE-2019-20049

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다