exploitDog

GHSA-wr54-8xf4-92p3

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.8

Описание

An issue was discovered in TotalAV v4.1.7. An unprivileged user could modify or overwrite all of the product's files because of weak permissions (Everyone:F) under %PROGRAMFILES%, which allows local users to gain privileges or obtain maximum control over the product.

An issue was discovered in TotalAV v4.1.7. An unprivileged user could modify or overwrite all of the product's files because of weak permissions (Everyone:F) under %PROGRAMFILES%, which allows local users to gain privileges or obtain maximum control over the product.

Ссылки

EPSS

Процентиль: 7%

0.00027

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-276

Связанные уязвимости

CVE-2018-7535

CVSS3: 7.8

nvd

больше 7 лет назад

An issue was discovered in TotalAV v4.1.7. An unprivileged user could modify or overwrite all of the product's files because of weak permissions (Everyone:F) under %PROGRAMFILES%, which allows local users to gain privileges or obtain maximum control over the product.

EPSS

Процентиль: 7%

0.00027

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-276