CVE-2020-36772
4.4MEDIUMCloudLinux CageFS 7.0.8-2 or below insufficiently restricts file paths supplied to the sendmail proxy command. This allows local users to read and write arbitrary files of certain file formats outside
Publicado: 1/22/2024Atualizado: 5/30/2025
Descrição
CloudLinux CageFS 7.0.8-2 or below insufficiently restricts file paths supplied to the sendmail proxy command. This allows local users to read and write arbitrary files of certain file formats outside the CageFS environment.
Análise IADesenvolvido por IA
Produtos Afetados
cloudlinuxcagefs
Referências
- http://packetstormsecurity.com/files/176791/CloudLinux-CageFS-7.0.8-2-Insufficiently-Restricted-Proxy-Command.htmlExploitThird Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2024/Jan/25ExploitMailing ListThird Party Advisory
- https://blog.cloudlinux.com/lve-manager-lve-stats-lve-utils-and-alt-python27-cllib-have-been-rolled-out-to-100Release Notes
- https://github.com/sbaresearch/advisories/tree/public/2020/SBA-ADV-20200707-02_CloudLinux_CageFS_Insufficiently_Restricted_Proxy_Commands
- http://packetstormsecurity.com/files/176791/CloudLinux-CageFS-7.0.8-2-Insufficiently-Restricted-Proxy-Command.htmlExploitThird Party AdvisoryVDB Entry
- http://seclists.org/fulldisclosure/2024/Jan/25ExploitMailing ListThird Party Advisory
- https://blog.cloudlinux.com/lve-manager-lve-stats-lve-utils-and-alt-python27-cllib-have-been-rolled-out-to-100Release Notes
- https://github.com/sbaresearch/advisories/tree/public/2020/SBA-ADV-20200707-02_CloudLinux_CageFS_Insufficiently_Restricted_Proxy_Commands