Description


Soyal Technologies SOYAL 701Server 9.0.1 suffers from an elevation of privileges vulnerability which can be used by an authenticated user to change the executable file with a binary choice. The vulnerability is due to improper permissions with the 'F' flag (Full) for 'Everyone'and 'Authenticated Users' group.

Related CPE's



Vulnerable

References


https://www.exploit-db.com/exploits/49678

ExploitThird Party AdvisoryVDB Entry


Weaknesses



CWE-276

CVSS impact metrics


CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.8 · High

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information


Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2021-04-27T13:15:08.373

4 years ago

Last modified

2021-09-23T14:27:05.190

3 years ago