Fluentd TD-agent plugin 4.0.1 - Insecure Folder Permission Vulnerability

Exploit Title: Fluentd TD-agent plugin 4.0.1 - Insecure Folder Permission Exploit Author: Adrian Bondocea Vendor Homepage: https://www.fluentd.org/ Software Link: https://td-agent-package-browser.herokuapp.com/4/windows Version: icacls C:\opt\td-agent\bin C:\opt\td-agent\bin...

Fluentd TD-agent 4.0.1 Insecure Folder Permission

Exploit Title: Fluentd TD-agent plugin 4.0.1 - Insecure Folder Permission Date: 21.12.2020 Exploit Author: Adrian Bondocea Vendor Homepage: https://www.fluentd.org/ Software Link: https://td-agent-package-browser.herokuapp.com/4/windows Version: icacls C:\opt\td-agent\bin C:\opt\td-agent\bin...

CVE-2020-28169

creationtimestamp| type| source ---|---|--- 2020-12-24 18:55:23+00:00| seen| https://t.me/cibsecurity/21272...

CVE-2020-28169

CVE-2020-28169 refers to the Fluentd td-agent-builder plugin vulnerability prior to 2020-12-18, where the bin directory is writable by a user and a file in bin can be executed with NT AUTHORITY\SYSTEM privileges, enabling local privilege escalation. Public exploit material and disclosures (e.g., ...