Privilege Escalation Vulnerability in Inteno IOPSYS via Symlink Manipulation

CVE-2018-14533 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

read_tmp and write_tmp in Inteno IOPSYS allow attackers to gain privileges after writing to /tmp/etc/smb.conf because /var is a symlink to /tmp.

Learn more about our Web Application Penetration Testing UK.