CVE-2019-12719

CRITICAL

AUO Sunveillance Monitoring System & ... - Unrestricted File Upload

Title source: rule

Description

An issue was discovered in Picture_Manage_mvc.aspx in AUO SunVeillance Monitoring System before v1.1.9e. There is an incorrect access control vulnerability that can allow an unauthenticated user to upload files via a modified authority parameter.

Exploits (1)

exploitdb WRITEUP
by Luca.Chiou · textwebappshardware
https://www.exploit-db.com/exploits/47541

References (2)

Scores

CVSS v3 9.8
EPSS 0.0063
EPSS Percentile 70.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-434
Status published
Products (1)
auo/sunveillance_monitoring_system_\&_data_recorder < 1.1.9e
Published Nov 12, 2019
Tracked Since Feb 18, 2026