Privilege Escalation Vulnerability in Acunetix Web Vulnerability Scanner (WVS)

Privilege Escalation Vulnerability in Acunetix Web Vulnerability Scanner (WVS)

CVE-2015-4027 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

The AcuWVSSchedulerv10 service in Acunetix Web Vulnerability Scanner (WVS) before 10 build 20151125 allows local users to gain privileges via a command parameter in the reporttemplate property in a params JSON object to api/addScan.

Learn more about our Web App Pen Testing.