15 matches found
CVE-2020-10588
v2rayL 2.1.3 allows local users to achieve root access because /etc/v2rayL/add.sh and /etc/v2rayL/remove.sh are owned by a low-privileged user but execute as root via Sudo...
EUVD-2020-3039
Malware in sbrugna...
EUVD-2020-3040
Malware in sbrugna...
CVE-2020-10589
v2rayL 2.1.3 allows local users to achieve root access because /etc/v2rayL/config.json is owned by a low-privileged user but contains commands that are executed as root, after v2rayL.service is restarted via Sudo...
An unspecified vulnerability exists in v2rayL
v2rayL is a Linux GUI client software for v2ray agents. A security vulnerability exists in v2rayL version 2.1.3, which stems from the fact that the /etc/v2rayL/add.sh and /etc/v2rayL/remove.sh files owned by a low-privileged user can be run as root via Sudo, which can be exploited by a local...
v2rayL Command Execution Vulnerability
v2rayL is a Linux GUI client software for v2ray agents. A security vulnerability exists in v2rayL version 2.1.3, which originates from the fact that /etc/v2rayL/config.json, owned by a low-privileged user, contains commands that can be run with root privileges. A local attacker can exploit this...
CVE-2020-10589
v2rayL 2.1.3 allows local users to achieve root access because /etc/v2rayL/config.json is owned by a low-privileged user but contains commands that are executed as root, after v2rayL.service is restarted via Sudo...
CVE-2020-10588
v2rayL 2.1.3 allows local users to achieve root access because /etc/v2rayL/add.sh and /etc/v2rayL/remove.sh are owned by a low-privileged user but execute as root via Sudo...
CVE-2020-10589
v2rayL 2.1.3 allows local users to achieve root access because /etc/v2rayL/config.json is owned by a low-privileged user but contains commands that are executed as root, after v2rayL.service is restarted via Sudo...
CVE-2020-10588
v2rayL 2.1.3 allows local users to achieve root access because /etc/v2rayL/add.sh and /etc/v2rayL/remove.sh are owned by a low-privileged user but execute as root via Sudo...
Design/Logic Flaw
v2rayL 2.1.3 allows local users to achieve root access because /etc/v2rayL/add.sh and /etc/v2rayL/remove.sh are owned by a low-privileged user but execute as root via Sudo...
CVE-2020-10589
v2rayL 2.1.3 allows local users to achieve root access because /etc/v2rayL/config.json is owned by a low-privileged user but contains commands that are executed as root, after v2rayL.service is restarted via Sudo...
CVE-2020-10589
v2rayL 2.1.3 contains a local privilege escalation: /etc/v2rayL/config.json is owned by a low-privilege user but includes commands executed as root when v2rayL.service is restarted via sudo. This enables local users to gain root access. Documented impact is root with local access; exploitation de...
CVE-2020-10588
v2rayL 2.1.3 allows local users to achieve root access because /etc/v2rayL/add.sh and /etc/v2rayL/remove.sh are owned by a low-privileged user but execute as root via Sudo...
CVE-2020-10588
CVE-2020-10588 affects v2rayL 2.1.3 on Linux. The vulnerability arises because /etc/v2rayL/add.sh and /etc/v2rayL/remove.sh are owned by a low-privilege user but are executed as root via sudo, enabling local users to escalate to root. The Red Hat and CNVD entries confirm the same root-privilege e...