Privilege Escalation through Misconfigured Sudo in KramerAV VIAWare

Privilege Escalation through Misconfigured Sudo in KramerAV VIAWare

CVE-2021-35064 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

KramerAV VIAWare, all tested versions, allow privilege escalation through misconfiguration of sudo. Sudoers permits running of multiple dangerous commands, including unzip, systemctl and dpkg.

Learn more about our Web Application Penetration Testing UK.