Описание
Issues were discovered in Open TFTP Server multithreaded 1.66 and Open TFTP Server single port 1.66. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the OpenTFTPServerMT.exe or the OpenTFTPServerSP.exe binary.
Ссылки
- ExploitThird Party Advisory
- Product
- ExploitThird Party Advisory
- Product
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:open_tftp_server_project:open_tftp_server:1.66:*:*:*:mt:*:*:*
cpe:2.3:a:open_tftp_server_project:open_tftp_server:1.66:*:*:*:sp:*:*:*
EPSS
Процентиль: 33%
0.0013
Низкий
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-732
Связанные уязвимости
CVSS3: 7.8
github
больше 3 лет назад
Issues were discovered in Open TFTP Server multithreaded 1.66 and Open TFTP Server single port 1.66. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the OpenTFTPServerMT.exe or the OpenTFTPServerSP.exe binary.
EPSS
Процентиль: 33%
0.0013
Низкий
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-732