← back
CVE-2019-7323

CVE-2019-7323

EPSS 1.1%
GUP (generic update process) in LightySoft LogMX before 7.4.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update. The update process relies on cleartext HTTP. The attacker could replace the LogMXUpdater.class file.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bmantra.github.io/logmx/logmx.htmlhttps://github.com/bmantra/bmantra.github.io/blob/master/logmx/logmx.htmlhttps://logmx.com/download