7.3 High
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
74.7%
The NGINX Controller Agent does not use absolute paths when calling system utilities. (CVE-2020-27730)
Impact
This vulnerability allows a local attacker to escalate privileges and run arbitrary code as the agent (root) process.