SALTO ProAccess SPACE 22.214.171.124 Improper Input Validation Vulnerability
SALTO ProAccess SPACE Software is a powerful access control management tool that enables you to program access time zones for each user, manage different calendars and obtain audit trails from each door to see who has passed through it. The software includes special functions such as automatic door status changes, anti-passback and relay management. Thanks to its advanced software features, SALTO ProAccess SPACE is also one of the most user-friendly and powerful software products for the access control management of stand-alone wireless devices, and IP online devices in one converged complete access control platform for the user, keys and doors management.
The information has been provided by Vendor
The original article can be found at:https://sec-consult.com/en/blog/advisories/multiple-critical-vulnerabilities-in-salto-proaccess-space/
An issue was discovered in SALTO ProAccess SPACE 126.96.36.199. An attacker can write arbitrary content to arbitrary files, as demonstrated by CVE-2019-19458 files under the web root, or .bat files that will be used with auto start. This allows an attacker to execute arbitrary commands on the server.
SALTO ProAccess SPACE 188.8.131.52