VYPR
Unrated severityNVD Advisory· Published Feb 17, 2021· Updated Aug 4, 2024

CVE-2020-12878

CVE-2020-12878

Description

Digi ConnectPort X2e before 3.2.30.6 allows an attacker to escalate privileges from the python user to root via a symlink attack that uses chown, related to /etc/init.d/S50dropbear.sh and the /WEB/python/.ssh directory.

Affected products

2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.