Privilege Escalation via Symlink Following in Dropbear SSH (CVE-2021-XXXX)

Privilege Escalation via Symlink Following in Dropbear SSH (CVE-2021-XXXX)

CVE-2017-9079 · MEDIUM Severity

AV:L/AC:M/AU:N/C:C/I:N/A:N

Dropbear before 2017.75 might allow local users to read certain files as root, if the file has the authorized_keys file format with a command= option. This occurs because ~/.ssh/authorized_keys is read with root privileges and symlinks are followed.

Learn more about our User Device Pen Test.