External Control of File Name or Path
CVE-2024-6714
Summary
An issue was discovered in provd before version 0.1.5 with a setuid binary, which allows a local attacker to escalate their privilege.
- LOW
- LOCAL
- HIGH
- CHANGED
- NONE
- LOW
- HIGH
- HIGH
CWE-73 - External Control of File Name or Path
The software allows user input to control or influence paths or file names that are used in filesystem operations.
References
Advisory Timeline
- Published
