Privilege Escalation via Monkey HTTP Daemon 0.9.3 CGI Script Execution

Privilege Escalation via Monkey HTTP Daemon 0.9.3 CGI Script Execution

CVE-2012-4443 · MEDIUM Severity

AV:L/AC:M/AU:N/C:C/I:C/A:C

Monkey HTTP Daemon 0.9.3 uses a real UID of root and a real GID of root during execution of CGI scripts, which might allow local users to gain privileges by leveraging cgi-bin write access.

Learn more about our User Device Pen Test.