CVE-2019-13598

Published: 2019-07-14T18:15Z

Last Modified: 2024-11-21T04:25Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

LuaUPnP in Vera Edge Home Controller 1.7.4452 allows remote unauthenticated users to execute arbitrary OS commands via the code parameter to /port_3480/data_request because the "No unsafe lua allowed" code block is skipped. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt