Unrated severityOSV Advisory· Published Jun 5, 2018· Updated Aug 5, 2024
CVE-2018-10057
CVE-2018-10057
Description
The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 allows an authenticated remote attacker to write the miner configuration file to arbitrary locations on the server due to missing basedir restrictions (absolute directory traversal).
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.openwall.com/lists/oss-security/2018/06/03/1mitremailing-listx_refsource_MLIST
- github.com/tintinweb/pub/tree/master/pocs/cve-2018-10057mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.