3 matches found
CVE-2020-13532
A privilege escalation vulnerability exists in Dream Report 5 R20-2. In the default configuration, the Syncfusion Dashboard Service service binary can be replaced by attackers to escalate privileges to NT SYSTEM. An attacker can provide a malicious file to trigger this vulnerability...
CVE-2020-13532
Dream Report 5 R20-2 is affected by CVE-2020-13532. Talos confirms a privilege-escalation via replacing the Syncfusion Dashboard Service binary when Dream Report is installed by default in C:\ODS with weak permissions, allowing an attacker to escalate to NT SYSTEM by providing a malicious file. R...
Dream Report platform privilege escalation vulnerability
Summary Multiple privilege escalation vulnerabilities exist in Dream Report 5 R20-2. A specially crafted executable can cause elevated capabilities. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Dream Report 5 R20-2 Product URLs https://dreamreport.net/...