exploitDog

CVE-2020-26133

Опубликовано: 28 окт. 2020

Источник: nvd

CVSS3: 7.8

CVSS2: 7.2

EPSS Низкий

Описание

An issue was discovered in Dual DHCP DNS Server 7.40. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the DualServer.exe binary.

Ссылки

https://github.com/OffensiveOceloot/advisories/blob/main/CVE-2020-26133.md
https://github.com/an0ry/advisories
Third Party Advisory
https://sourceforge.net/projects/dhcp-dns-server/
Product
https://github.com/OffensiveOceloot/advisories/blob/main/CVE-2020-26133.md
https://github.com/an0ry/advisories
Third Party Advisory
https://sourceforge.net/projects/dhcp-dns-server/
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:dual_dhcp_dns_server_project:dual_dhcp_dns_server:7.40:*:*:*:*:*:*:*

EPSS

Процентиль: 14%

0.00045

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-732

Связанные уязвимости

GHSA-v8qw-9j77-3g5v

CVSS3: 7.8

github

больше 3 лет назад

An issue was discovered in Dual DHCP DNS Server 7.40. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the DualServer.exe binary.

EPSS

Процентиль: 14%

0.00045

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-732