CVE-2019-20029 – An exploitable privilege escalation vulnerability exists in the WebPro functionality of As …

Vuln ID: CVE-2019-20029

Published:  2020-07-29  18:15:13Z

Description: An exploitable privilege escalation vulnerability exists in the WebPro functionality of Aspire-derived NEC PBXes, including all versions of SV8100, SV9100, SL1100 and SL2100 devices. A specially crafted HTTP POST can cause privilege escalation resulting in a higher privileged account, including an undocumented developer level of access.

Source: NVD.NIST.GOV

 

Tags