← volver
CVE-2019-7323

CVE-2019-7323

EPSS 1.1%
GUP (generic update process) in LightySoft LogMX before 7.4.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update. The update process relies on cleartext HTTP. The attacker could replace the LogMXUpdater.class file.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://bmantra.github.io/logmx/logmx.htmlhttps://github.com/bmantra/bmantra.github.io/blob/master/logmx/logmx.htmlhttps://logmx.com/download