An authenticated low-privileged user can exploit a command injection vulnerability to get code-execution as www-data and escalate privileges to root due to weak sudo rules.
QuickBox Pro v2.1.8 and prior is vulnerable.
-
Notifications
You must be signed in to change notification settings - Fork 0
s1gh/QuickBox-Pro-2.1.8-Authenticated-RCE
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
About
No description, website, or topics provided.
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published