VYPR
Unrated severity · NVD Advisory · Published Jan 23, 2020 · Updated Aug 5, 2024

CVE-2019-19893

Description

In IXP EasyInstall 6.2.13723, there is Directory Traversal on TCP port 8000 via the Engine Service by an unauthenticated attacker, who can access the server's filesystem with the access rights of NT AUTHORITY\SYSTEM.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Unauthenticated directory traversal in IXP EasyInstall 6.2.13723's Engine Service allows SYSTEM-level file access.

Vulnerability

In IXP EasyInstall version 6.2.13723, the Engine Service listening on TCP port 8000 is vulnerable to directory traversal. An unauthenticated attacker can send specially crafted requests that traverse directories, allowing access to arbitrary files on the server's filesystem [1]. No special configuration is required to reach the vulnerable code path.

Exploitation

An attacker with network access to the target server on TCP port 8000 can exploit the vulnerability without any authentication [1]. The attacker sends crafted HTTP requests containing path traversal sequences (e.g., ../) to read files outside the intended web root directory.

Impact

Successful exploitation allows the attacker to read arbitrary files from the server's filesystem. Critically, the Engine Service runs with NT AUTHORITY\SYSTEM privileges, meaning the attacker gains access with the highest level of Windows system rights [1]. This can lead to complete disclosure of sensitive information, including configuration files, credentials, and other data.

Mitigation

As of the publication date (2020-01-23), no patch has been released for this vulnerability [1]. The vendor should be contacted for an update. If no fix becomes available, restricting network access to port 8000 to trusted hosts only is a recommended workaround.
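
As an added example for defenders (not part of the advisory, the vendor's guidance or the product's code), the following Python sketch triages a record of requests seen on TCP port 8000: it flags sources outside a trusted allow-list, matching the workaround above, and targets that contain a `..` component after decoding. The log shape, the `TRUSTED` range and the sample records are assumptions constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import unquote

# Assumption: placeholder range for the hosts allowed to reach TCP port 8000.
TRUSTED = [ipaddress.ip_network("192.0.2.0/28")]
# Assumed record shape (constructed, not EasyInstall's own log format).
LINE = re.compile(r'^(\S+) "[A-Z]+ (\S+) HTTP/[\d.]+"$')

def is_trusted(ip_text):
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return False  # an unparseable source is never treated as trusted
    return any(ip in net for net in TRUSTED)

def has_traversal(target, max_rounds=3):
    """True if any path or query component is exactly '..' after bounded
    percent-decoding and folding backslashes to '/' (Windows accepts both)."""
    for _ in range(max_rounds):
        decoded = unquote(target)
        if decoded == target:
            break
        target = decoded
    return ".." in re.split(r"[/?&=]", target.replace("\\", "/"))

def triage(lines):
    """Return (line_no, client_ip, reasons) for each request needing review."""
    findings = []
    for no, line in enumerate(lines, 1):
        m = LINE.match(line.strip())
        if not m:
            findings.append((no, None, ["unparsed"]))
            continue
        ip, target = m.groups()
        reasons = [] if is_trusted(ip) else ["untrusted-source"]
        if has_traversal(target):
            reasons.append("traversal")
        if reasons:
            findings.append((no, ip, reasons))
    return findings

SAMPLE = [  # constructed records
    '192.0.2.5 "GET /status HTTP/1.1"',
    '203.0.113.9 "GET /files/../../example.txt HTTP/1.1"',
    '192.0.2.6 "GET /a/%2e%2e%5c%2e%2e%5cexample.txt HTTP/1.1"',
    '198.51.100.7 "GET /status..bak HTTP/1.1"',
]
print(triage(SAMPLE))
```

A traversal finding from a trusted source still warrants investigation, because the service does not authenticate callers.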

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products: 1

Patches: 0

No patches discovered yet.

References: 1
