Improper Access Rights and Privilege Escalation Vulnerability in SINEC NMS (All versions < V2.0)

Improper Access Rights and Privilege Escalation Vulnerability in SINEC NMS (All versions < V2.0)

CVE-2022-30527 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

A vulnerability has been identified in SINEC NMS (All versions < V2.0). The affected application assigns improper access rights to specific folders containing executable files and libraries. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges.

Learn more about our Web Application Penetration Testing UK.