Vulnerability Description: Local Privilege Escalation
Software Version: < 4.8.5
NIST: https://nvd.nist.gov/vuln/detail/CVE-2019-19455
CVSv3: 7.8
Severity: High
Credits: Francesco Giordano, Massimiliano Brolli
A local privilege escalation was found in the Linux Version of the server. A user can write arbitrary command in every file in /usr/local/WowzaStreamingEngine/manager/bin/ since they are writable by anyone and executed at boot or stop of the server as root.