Directory Traversal Vulnerability in IXP EasyInstall 6.2.13723 Allows Unauthenticated Remote Filesystem Access

Directory Traversal Vulnerability in IXP EasyInstall 6.2.13723 Allows Unauthenticated Remote Filesystem Access

CVE-2019-19893 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

In IXP EasyInstall 6.2.13723, there is Directory Traversal on TCP port 8000 via the Engine Service by an unauthenticated attacker, who can access the server's filesystem with the access rights of NT AUTHORITY\SYSTEM.

Learn more about our Cis Benchmark Audit For Server Software.