In HylaFAX+ through 7.0.2 and... CVE-2020-15396

- AV AC AU C I A
发布: 2020-06-30
修订: 2020-07-11

In HylaFAX+ through 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories. By winning a race, a local attacker could use this to escalate his privileges to root.

0%
暂无可用Exp或PoC
产品及版本信息(CPE)暂不可用