2 matches found
CVE-2025-34078 NSClient++ 0.5.2.35 Local Privilege Escalation via ExternalScripts and Web Interface
A local privilege escalation vulnerability exists in NSClient++ 0.5.2.35 when both the web interface and ExternalScripts features are enabled. The configuration file nsclient.ini stores the administrative password in plaintext and is readable by local users. By extracting this password, an attack...
CVE-2025-34078
NSClient++ 0.5.2.35 contains a local privilege-escalation flaw when both web interface and ExternalScripts are enabled. The nsclient.ini file stores the admin password in plaintext and is readable by local users, allowing an attacker to extract the credential, authenticate to the NSClient++ web i...