ID:5029 - Exploit for Exposed dangerous method or function in Crowd - CVE-2019-11580

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:5029 - Exploit for Exposed dangerous method or function in Crowd - CVE-2019-11580

ID:5029 - Exploit for Exposed dangerous method or function in Crowd - CVE-2019-11580

Published: January 18, 2021


Vulnerability identifier: #VU18716
Vulnerability risk: High
CVE-ID: CVE-2019-11580
CWE-ID: CWE-749
Exploitation vector: Remote access
Vulnerable software:
Crowd

Link to public exploit:


Vulnerability description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to incorrectly enabled pdkinstall development plugin in release builds. A remote unauthenticated attacker can install arbitrary plugin and gain full control over the affected system.

Successful exploitation of the vulnerability may allow remote code execution.


Remediation

Install updates from vendor's website.