Описание
A privilege escalation vulnerability exists in the Remote Server functionality of Dream Report ODS Remote Connector 20.2.16900.0. A specially-crafted command injection can lead to elevated capabilities. An attacker can provide a malicious file to trigger this vulnerability.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:dreamreport:remote_connector:20.2.16900.0:*:*:*:*:*:*:*
EPSS
Процентиль: 69%
0.00613
Низкий
8.8 High
CVSS3
7.3 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-276
NVD-CWE-Other
Связанные уязвимости
CVSS3: 8.8
github
около 4 лет назад
A privilege escalation vulnerability exists in the Remote Server functionality of Dream Report ODS Remote Connector 20.2.16900.0. A specially-crafted command injection can lead to elevated capabilities. An attacker can provide a malicious file to trigger this vulnerability.
EPSS
Процентиль: 69%
0.00613
Низкий
8.8 High
CVSS3
7.3 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-276
NVD-CWE-Other