exploitDog

GHSA-62hc-56xq-xr7v

Опубликовано: 13 сент. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 7.8

Описание

A Command Injection vulnerability found in a Self-Hosted UniFi Network Servers (Linux) with UniFi Network Application (Version 8.3.32 and earlier) allows a malicious actor with unifi user shell access to escalate privileges to root on the host device.

A Command Injection vulnerability found in a Self-Hosted UniFi Network Servers (Linux) with UniFi Network Application (Version 8.3.32 and earlier) allows a malicious actor with unifi user shell access to escalate privileges to root on the host device.

Ссылки

EPSS

Процентиль: 66%

0.00512

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-77

Связанные уязвимости

CVE-2024-42025

CVSS3: 7.8

nvd

больше 1 года назад

A Command Injection vulnerability found in a Self-Hosted UniFi Network Servers (Linux) with UniFi Network Application (Version 8.3.32 and earlier) allows a malicious actor with unifi user shell access to escalate privileges to root on the host device.

EPSS

Процентиль: 66%

0.00512

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-77