15 matches found
CVE-2019-18822
A privilege escalation vulnerability in ZOOM Call Recording 6.3.1 allows its user account i.e., the account under which the program runs - by default, the callrec account to elevate privileges to root by abusing the [email protected]. The [email protected] starts the /opt/callrec/bin/rs binar...
EUVD-2019-8524
Malware in sbrugna...
CVE-2019-19810
Zoom Call Recording 6.3.1 from Eleveo is vulnerable to Java Deserialization attacks targeting the inbuilt RMI service. A remote unauthenticated attacker can exploit this vulnerability by sending crafted RMI requests to execute arbitrary code on the target host...
CVE-2019-19810
Zoom Call Recording 6.3.1 from Eleveo is vulnerable to Java Deserialization attacks targeting the inbuilt RMI service. A remote unauthenticated attacker can exploit this vulnerability by sending crafted RMI requests to execute arbitrary code on the target host...
CVE-2019-19810
Zoom Call Recording 6.3.1 from Eleveo is vulnerable to Java Deserialization attacks targeting the inbuilt RMI service. A remote unauthenticated attacker can exploit this vulnerability by sending crafted RMI requests to execute arbitrary code on the target host...
Deserialization of untrusted data
Zoom Call Recording 6.3.1 from Eleveo is vulnerable to Java Deserialization attacks targeting the inbuilt RMI service. A remote unauthenticated attacker can exploit this vulnerability by sending crafted RMI requests to execute arbitrary code on the target host...
CVE-2019-19810
Zoom Call Recording 6.3.1 from Eleveo is vulnerable to Java Deserialization attacks targeting the inbuilt RMI service. A remote unauthenticated attacker can exploit this vulnerability by sending crafted RMI requests to execute arbitrary code on the target host...
ZOOM Zoom Call Recording 代码问题漏洞
ZOOM Zoom Call Recording is a scalable session recording management solution from Zoom ZOOM USA. The product supports features such as recording, managing and finding session records. A code issue exists in Zoom Call Recording version 6.3.1, which stems from the software's built-in RMI service th...
Zoom Call Recording Cross-Site Scripting Vulnerability
Zoom Call Recording is a scalable session recording management solution from Zoom USA. The product supports features such as recording, managing and finding session records. A cross-site scripting vulnerability exists in Zoom Call Recording version 6.3.1. The vulnerability stems from a lack of...
CVE-2019-18223
ZOOM International Call Recording 6.3.1 suffers from multiple authenticated stored XSS vulnerabilities via the phoneNumber field in the 1 User Edit or 2 User Add form, 3 name field in the Role Add form, 4 name or number field in the Edit Group form, 5 tagKey or tagValue field in the Recording Rul...
Unspecified Vulnerability in Zoom Call Recording
Zoom Call Recording is a scalable session recording management solution from Zoom USA. An unspecified vulnerability exists in Zoom Call Recording. The vulnerability can be exploited to elevate privileges to root by replacing the /opt/callrec/bin/rs binary with a malicious file and leveraging...
CVE-2019-18822
A privilege escalation vulnerability in ZOOM Call Recording 6.3.1 allows its user account i.e., the account under which the program runs - by default, the callrec account to elevate privileges to root by abusing the [email protected]. The [email protected] starts the /opt/callrec/bin/rs binar...
Privilege escalation
A privilege escalation vulnerability in ZOOM Call Recording 6.3.1 allows its user account i.e., the account under which the program runs - by default, the callrec account to elevate privileges to root by abusing the email protected. The email protected starts the /opt/callrec/bin/rs binary with...
CVE-2019-18822
A privilege escalation vulnerability in ZOOM Call Recording 6.3.1 allows its user account i.e., the account under which the program runs - by default, the callrec account to elevate privileges to root by abusing the [email protected]. The [email protected] starts the /opt/callrec/bin/rs binar...
CVE-2019-18822
CVE-2019-18822 is a concrete privilege-escalation issue affecting Zoom Call Recording 6.3.1. The vulnerability arises because the service [email protected] launches the /opt/callrec/bin/rs binary with root privileges, and that binary is owned by the callrec account. An attacker could replace th...