Improper Check for Dropped Privileges
CVE-2020-24361
Summary
SNMPTT before 1.4.2 allows attackers to execute shell code via EXEC, PREXEC, or unknown_trap_exec.
- LOW
- NETWORK
- NONE
- PARTIAL
- PARTIAL
- PARTIAL
CWE-273 - Improper Check for Dropped Privileges
The software attempts to drop privileges but does not check or incorrectly checks to see if the drop succeeded.
References
Advisory Timeline
- Published
