Описание
Incorrect access control in mihomo v1.19.11 allows authenticated attackers with low-level privileges to read arbitrary files with elevated privileges via obtaining the external control key from the config file.
Ссылки
- ExploitThird Party Advisory
- Product
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:metacubex:mihomo:1.9.11:*:*:*:*:*:*:*
EPSS
Процентиль: 13%
0.00042
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-284
Связанные уязвимости
CVSS3: 6.5
github
3 месяца назад
Incorrect access control in mihomo v1.19.11 allows authenticated attackers with low-level privileges to read arbitrary files with elevated privileges via obtaining the external control key from the config file.
EPSS
Процентиль: 13%
0.00042
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-284