Unrated severityNVD Advisory· Published Dec 27, 2019· Updated Aug 5, 2024
CVE-2019-20049
CVE-2019-20049
Description
An issue was discovered on Alcatel-Lucent OmniVista 4760 devices. A remote unauthenticated attacker can chain a directory traversal (which helps to bypass authentication) with an insecure file upload to achieve Remote Code Execution as SYSTEM. The directory traversal is in the __construct() whereas the insecure file upload is in SetSkinImages().
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Alcatel-Lucent/OmniVista 4760description
Patches
Vulnerability mechanics
References
3- packetstormsecurity.com/files/155595/Alcatel-Lucent-Omnivista-8770-Remote-Code-Execution.htmlmitrex_refsource_MISC
- www.al-enterprise.com/en/-/media/assets/internet/documents/sa-c0065-ov8770-rce-vulnerability-en.pdfmitrex_refsource_MISC
- www.exploit-db.com/exploits/47761mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.