exploitDog

CVE-2020-17381

Опубликовано: 21 окт. 2020

Источник: nvd

CVSS3: 7.3

CVSS2: 4.4

EPSS Низкий

Описание

An issue was discovered in Ghisler Total Commander 9.51. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the %SYSTEMDRIVE%\totalcmd\TOTALCMD64.EXE binary.

Ссылки

https://github.com/OffensiveOceloot/advisories/blob/main/CVE-2020-17381.md
https://github.com/an0ry/advisories/blob/main/CVE-2020-17381.md
Exploit
Third Party Advisory
https://github.com/OffensiveOceloot/advisories/blob/main/CVE-2020-17381.md
https://github.com/an0ry/advisories/blob/main/CVE-2020-17381.md
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ghisler:total_commander:9.51:*:*:*:*:*:*:*

EPSS

Процентиль: 15%

0.00047

Низкий

7.3 High

CVSS3

4.4 Medium

CVSS2

Дефекты

CWE-276

Связанные уязвимости

GHSA-rrfh-vr5f-gm86

CVSS3: 7.3

github

больше 3 лет назад

An issue was discovered in Ghisler Total Commander 9.51. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the %SYSTEMDRIVE%\totalcmd\TOTALCMD64.EXE binary.

EPSS

Процентиль: 15%

0.00047

Низкий

7.3 High

CVSS3

4.4 Medium

CVSS2

Дефекты

CWE-276