MEDIUM🇬🇧 English

CVE-2020-36772

CVSS 4.4v3.1pub. 2024-01-22upd. 2025-05-30

CloudLinux CageFS 7.0.8-2 or below insufficiently restricts file paths supplied to the sendmail proxy command. This allows local users to read and write arbitrary files of certain file formats outside the CageFS environment.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
  • Cloudlinux Cagefs

    APP
    Cloudlinux
    < 7.1.1-1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2020-36771HIGH7.8ten sam produkt

CloudLinux CageFS 7.1.1-1 or below passes the authentication token as a command line argument. In some configu...

CVE-2025-65530HIGH8.8ten sam vendor

An eval injection in the malware de-obfuscation routines of CloudLinux ai-bolit before v32.7.4 allows attacker...

CVE-2021-21956HIGH7.8ten sam vendor

A php unserialize vulnerability exists in the Ai-Bolit functionality of CloudLinux Inc Imunify360 5.10.2. A sp...