Medium severity4.4NVD Advisory· Published Jan 22, 2024· Updated Jun 17, 2026
CVE-2020-36772
CVE-2020-36772
Description
CloudLinux CageFS 7.0.8-2 or below insufficiently restricts file paths supplied to the sendmail proxy command. This allows local users to read and write arbitrary files of certain file formats outside the CageFS environment.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=7.0.8-2+ 1 more
- (no CPE)range: <=7.0.8-2
- (no CPE)range: 7.0.8-2
Patches
Vulnerability mechanics
References
4- packetstormsecurity.com/files/176791/CloudLinux-CageFS-7.0.8-2-Insufficiently-Restricted-Proxy-Command.htmlnvdExploitThird Party AdvisoryVDB Entry
- seclists.org/fulldisclosure/2024/Jan/25nvdExploitMailing ListThird Party Advisory
- blog.cloudlinux.com/lve-manager-lve-stats-lve-utils-and-alt-python27-cllib-have-been-rolled-out-to-100nvdRelease Notes
- github.com/sbaresearch/advisories/tree/public/2020/SBA-ADV-20200707-02_CloudLinux_CageFS_Insufficiently_Restricted_Proxy_Commandsnvd
News mentions
0No linked articles in our index yet.