Описание
In XeroSecurity Sn1per 9.0 (free version), insecure permissions (0777) are set upon application execution, allowing an unprivileged user to modify the application, modules, and configuration files. This leads to arbitrary code execution with root privileges.
Ссылки
- ExploitThird Party Advisory
- Release NotesThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- Release NotesThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:xerosecurity:sn1per:9.0:*:*:*:*:*:*:*
EPSS
Процентиль: 82%
0.0166
Низкий
8.8 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-276
Связанные уязвимости
github
больше 3 лет назад
In XeroSecurity Sn1per 9.0 (free version), insecure permissions (0777) are set upon application execution, allowing an unprivileged user to modify the application, modules, and configuration files. This leads to arbitrary code execution with root privileges.
EPSS
Процентиль: 82%
0.0166
Низкий
8.8 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-276