Описание
SECUDOS Qiata (DOMOS OS) 4.13 has Insecure Permissions for the previewRm.sh daily cronjob. To exploit this, an attacker needs access as a low-privileged user to the underlying DOMOS system. Every user on the system has write permission for previewRm.sh, which is executed by the root user.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:secudos:qiata:4.13:*:*:*:*:*:*:*
EPSS
Процентиль: 19%
0.00059
Низкий
7.8 High
CVSS3
Дефекты
CWE-732
Связанные уязвимости
CVSS3: 7.8
github
больше 2 лет назад
SECUDOS Qiata (DOMOS OS) 4.13 has Insecure Permissions for the previewRm.sh daily cronjob. To exploit this, an attacker needs access as a low-privileged user to the underlying DOMOS system. Every user on the system has write permission for previewRm.sh, which is executed by the root user.
EPSS
Процентиль: 19%
0.00059
Низкий
7.8 High
CVSS3
Дефекты
CWE-732