2 matches found
CVE-2020-9024
Iteris Vantage Velocity Field Unit 2.3.1 and 2.4.2 devices have world-writable permissions for the /root/cleardata.pl executed as root by crond and /root/loadperl.sh executed as root at boot time scripts...
CVE-2020-9024
The CVE concerns Iteris Vantage Velocity Field Unit, versions 2.3.1 and 2.4.2. The underlying issue is world-writable permissions on two scripts: /root/cleardata.pl (executed as root by crond) and /root/loadperl.sh (executed as root at boot). This improper permissions setup can allow unauthorized...