← Voltar para CVEs
CVE-2024-22078
HIGH8.8
Descricao
An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Privilege escalation can occur via world writable files. The network configuration script has weak filesystem permissions. This results in write access for all authenticated users and the possibility to escalate from user privileges to administrative privileges.
Detalhes CVE
Pontuacao CVSS v3.18.8
SeveridadeHIGH
Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vetor de ataqueNETWORK
ComplexidadeLOW
Privilegios necessariosLOW
Interacao do usuarioNONE
Publicado3/20/2024
Ultima modificacao4/16/2025
Fontenvd
Avistamentos honeypot0
Produtos afetados
elspec-ltd:g5dfrelspec-ltd:g5dfr_firmware
Fraquezas (CWE)
CWE-280
Referencias
https://www.elspec-ltd.com/support/security-advisories/(cve@mitre.org)
https://www.elspec-ltd.com/support/security-advisories/(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.