Описание
Insecure permissions in the script /etc/init.d/lighttpd in AK-Nord USB-Server-LXL Firmware v0.0.16 Build 2023-03-13 allows a locally authenticated low-privilege user to execute arbitrary commands with root privilege via editing this script which is executed with root-privileges on any interaction and on every system boot.
EPSS
Процентиль: 5%
0.00022
Низкий
7.8 High
CVSS3
Дефекты
CWE-276
Связанные уязвимости
CVSS3: 7.8
github
6 месяцев назад
Insecure permissions in the script /etc/init.d/lighttpd in AK-Nord USB-Server-LXL Firmware v0.0.16 Build 2023-03-13 allows a locally authenticated low-privilege user to execute arbitrary commands with root privilege via editing this script which is executed with root-privileges on any interaction and on every system boot.
EPSS
Процентиль: 5%
0.00022
Низкий
7.8 High
CVSS3
Дефекты
CWE-276