Linux Distros Unpatched Vulnerability : CVE-2022-37706

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - enlightenmentsys in Enlightenment before 0.25.4 allows local users to gain privileges because it is setuid root, and the system library function mishandles...

CVE-2022-37706

enlightenmentsys in Enlightenment before 0.25.4 allows local users to gain privileges because it is setuid root, and the system library function mishandles pathnames that begin with a /dev/.. substring...

CVE-2022-37706

enlightenmentsys in Enlightenment before 0.25.4 allows local users to gain privileges because it is setuid root, and the system library function mishandles pathnames that begin with a /dev/.. substring...

Ubuntu 22.04.1 X64 Desktop Enlightenment 0.25.3-1 Privilege Escalation Exploit

This Metasploit module exploits a command injection within Enlightenment's enlightenmentsys binary. This is done by calling the mount command and feeding it paths which meet all of the system requirements, but execute a specific path as well due to a semi-colon being used. This module was tested ...