A privilege escalation in the EdgeSwitch prior to version 1.7.1, an CGI script donβt fully sanitize the user input resulting in local commands execution, allowing an operator user (Privilege-1) to escalate privileges and became administrator (Privilege-15).
[
{
"product": "EdgeSwitch",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "1.7.0"
}
]
}
]