Improper Check for Dropped Privileges
CVE-2020-24361
Summary
SNMPTT before 1.4.2 allows attackers to execute shell code via EXEC, PREXEC, or unknown_trap_exec.
- LOW
- NETWORK
- HIGH
- UNCHANGED
- NONE
- NONE
- HIGH
- HIGH
CWE-273 - Improper Check for Dropped Privileges
The software attempts to drop privileges but does not check or incorrectly checks to see if the drop succeeded.
References
Advisory Timeline
- Published