CVE-2019-19019

Name of the Vulnerable Software and Affected Versions TitanHQ WebTitan versions prior to 5.18

Description An issue was discovered that allows for Remote Code Execution, enabling an attacker to execute arbitrary code as root. This issue stems from the hotfix download mechanism, which downloads a shell script via HTTP and then executes it as root.

Recommendations For versions prior to 5.18, update to version 5.18 or later to resolve the issue. As a temporary workaround, consider disabling the hotfix download mechanism until a patch is available. Restrict access to the hotfix download feature to minimize the risk of exploitation.