Skip to main content

Origin Validation Error

CVE-2019-19019

Severity High
Score 7.5/10

Summary

An issue was discovered in TitanHQ WebTitan before 5.18. It contains a Remote Code Execution issue through which an attacker can execute arbitrary code as root. The issue stems from the hotfix download mechanism, which downloads a shell script via HTTP, and then executes it as root. This is analogous to CVE-2019-6800 but for a different product.

  • HIGH
  • NETWORK
  • HIGH
  • UNCHANGED
  • NONE
  • LOW
  • HIGH
  • HIGH

CWE-346 - Origin Validation Error

The software does not properly verify that the source of data or communication is valid.

References

Advisory Timeline

  • Published