Описание
In Linksys E2500 3.0.04.002, the chroot_local_user option is enabled in the vsftpd configuration file. This could lead to unauthorized access to system files, privilege escalation, or use of the compromised server as a pivot point for internal network attacks.
Ссылки
- Broken LinkNot Applicable
- Broken Link
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:linksys:e2500_firmware:3.0.04.002:*:*:*:*:*:*:*
cpe:2.3:h:linksys:e2500:-:*:*:*:*:*:*:*
EPSS
Процентиль: 22%
0.00071
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-284
Связанные уязвимости
CVSS3: 9.8
github
7 месяцев назад
In Linksys E2500 3.0.04.002, the chroot_local_user option is enabled in the vsftpd configuration file. This could lead to unauthorized access to system files, privilege escalation, or use of the compromised server as a pivot point for internal network attacks.
EPSS
Процентиль: 22%
0.00071
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-284