Vulnerabilities > CVE-2019-20049 - Unspecified vulnerability in Al-Enterprise Omnivista 4760
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
An issue was discovered on Alcatel-Lucent OmniVista 4760 devices. A remote unauthenticated attacker can chain a directory traversal (which helps to bypass authentication) with an insecure file upload to achieve Remote Code Execution as SYSTEM. The directory traversal is in the __construct() whereas the insecure file upload is in SetSkinImages().
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Saint
description | Alcatel OmniVista remote command execution |
id | web_tool_omnivista |
title | alcatel_omnivista |
type | remote |
References
- https://git.lsd.cat/g/omnivista-rce
- https://git.lsd.cat/g/omnivista-rce
- https://packetstormsecurity.com/files/155595/Alcatel-Lucent-Omnivista-8770-Remote-Code-Execution.html
- https://packetstormsecurity.com/files/155595/Alcatel-Lucent-Omnivista-8770-Remote-Code-Execution.html
- https://www.al-enterprise.com/en/-/media/assets/internet/documents/sa-c0065-ov8770-rce-vulnerability-en.pdf
- https://www.al-enterprise.com/en/-/media/assets/internet/documents/sa-c0065-ov8770-rce-vulnerability-en.pdf
- https://www.exploit-db.com/exploits/47761
- https://www.exploit-db.com/exploits/47761