ГлавнаяУязвимости → CVE-2024-22078
8.8высокая

CVE-2024-22078

Описание

An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Privilege escalation can occur via world writable files. The network configuration script has weak filesystem permissions. This results in write access for all authenticated users and the possibility to escalate from user privileges to administrative privileges.

Затрагиваемое ПО
Elspec-ltd G5dfr firmwareElspec-ltd G5dfr
CVSS
Балл8.8 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://www.elspec-ltd.com/support/security-advisories/https://www.elspec-ltd.com/support/security-advisories/