Privilege Escalation via Insecure Parameter Validation in Brocade Vyatta 5400 vRouter

Privilege Escalation via Insecure Parameter Validation in Brocade Vyatta 5400 vRouter

CVE-2014-4870 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

/opt/vyatta/bin/sudo-users/vyatta-clear-dhcp-lease.pl on the Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 does not properly validate parameters, which allows local users to gain privileges by leveraging the sudo configuration.

Learn more about our User Device Pen Test.