Privilege Escalation Vulnerability in Open TFTP Server 1.66

Privilege Escalation Vulnerability in Open TFTP Server 1.66

CVE-2020-26130 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Issues were discovered in Open TFTP Server multithreaded 1.66 and Open TFTP Server single port 1.66. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the OpenTFTPServerMT.exe or the OpenTFTPServerSP.exe binary.

Learn more about our Cis Benchmark Audit For Server Software.