LRM does not restrict the types of files that can be uploaded to the affected product. A malicious actor can upload any file type, including executable code that allows for a remote code exploit.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HIllumina Iseq 100
HWIlluminawszystkie wersjeIllumina Local Run Manager
APPIllumina1.3 – 3.1Illumina Miniseq
HWIlluminawszystkie wersjeIllumina Miseq
HWIlluminawszystkie wersjeIllumina Miseq Dx
HWIlluminawszystkie wersjeIllumina Nextseq 500
HWIlluminawszystkie wersjeIllumina Nextseq 550
HWIlluminawszystkie wersjeIllumina Nextseq 550dx
HWIlluminawszystkie wersje
Related vulnerabilities
Instruments with Illumina Universal Copy Service v2.x are vulnerable due to binding to an unrestricted IP add...
LRM utilizes elevated privileges. An unauthenticated malicious actor can upload and execute code remotely at t...
LRM contains a directory traversal vulnerability that can allow a malicious actor to upload outside the intend...
LRM does not implement authentication or authorization by default. A malicious actor can inject, replay, modif...
Instruments with Illumina Universal Copy Service v1.x and v2.x contain an unnecessary privileges vulnerability...