exploitDog

CVE-2020-25989

Опубликовано: 19 нояб. 2020

Источник: nvd

CVSS3: 7.8

CVSS2: 7.2

EPSS Низкий

Описание

Privilege escalation via arbitrary file write in pritunl electron client 1.0.1116.6 through v1.2.2550.20. Successful exploitation of the issue may allow an attacker to execute code on the effected system with root privileges.

Ссылки

https://github.com/pritunl/pritunl-client-electron/commit/89f8c997c6f93e724f68f76f7f47f8891d9acc2d
Patch
Third Party Advisory
https://vkas-afk.github.io/vuln-disclosures/
Exploit
Third Party Advisory
https://github.com/pritunl/pritunl-client-electron/commit/89f8c997c6f93e724f68f76f7f47f8891d9acc2d
Patch
Third Party Advisory
https://vkas-afk.github.io/vuln-disclosures/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:pritunl:pritunl-client-electron:*:*:*:*:*:*:*:*

Версия от 1.0.1116.6 (включая) до 1.2.2550.20 (включая)

EPSS

Процентиль: 48%

0.00251

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-59

Связанные уязвимости

GHSA-q66j-gj7h-p9hm

CVSS3: 7.8

github

больше 3 лет назад

Privilege escalation via arbitrary file write in pritunl electron client 1.0.1116.6 through v1.2.2550.20. Successful exploitation of the issue may allow an attacker to execute code on the effected system with root privileges.

EPSS

Процентиль: 48%

0.00251

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-59