CVE-2019-13551: Advantech WISE-PaaS/RMM UpgradeMgmt Directory Traversal Remote Code Execution Vulnerability
First published: Thu Oct 31 2019(Updated: )
Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. Path traversal vulnerabilities are caused by a lack of proper validation of a user-supplied path prior to use in file operations. An attacker can leverage these vulnerabilities to remotely execute code while posing as an administrator.
Credit: ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Advantech WISE-PaaS/RMM | ||
| Advantech Wise-paas\/rmm | <=3.3.29 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/author
- agent/references
- agent/first-publish-date
- agent/description
- collector/zdi-advisory
- source/ZDI
- alias/ZDI-19-958
- alias/ZDI-CAN-9101
- alias/CVE-2019-13551
- agent/software-canonical-lookup
- alias/ZDI-19-950
- alias/ZDI-CAN-9173
- alias/ZDI-19-935
- alias/ZDI-CAN-8892
- alias/ZDI-19-941
- alias/ZDI-CAN-9226
- agent/title
- agent/tags
- agent/event
- agent/trending
- vendor/advantech
- canonical/advantech wise-paas\/rmm
- version/advantech wise-paas\/rmm/3.3.29
- canonical/advantech wise-paas/rmm