Описание
AspEmail 5.6.0.2 contains a binary permission vulnerability that allows local users to escalate privileges through the Persits Software EmailAgent service. Attackers can exploit full write permissions in the BIN directory to replace the service executable and gain elevated system access.
EPSS
Процентиль: 2%
0.00015
Низкий
8.4 High
CVSS3
Дефекты
CWE-732
Связанные уязвимости
CVSS3: 8.4
github
около 2 месяцев назад
AspEmail 5.6.0.2 contains a binary permission vulnerability that allows local users to escalate privileges through the Persits Software EmailAgent service. Attackers can exploit full write permissions in the BIN directory to replace the service executable and gain elevated system access.
EPSS
Процентиль: 2%
0.00015
Низкий
8.4 High
CVSS3
Дефекты
CWE-732