An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Privilege escalation can occur via world writable files. The network configuration script has weak filesystem permissions. This results in write access for all authenticated users and the possibility to escalate from user privileges to administrative privileges.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HElspec Ltd G5dfr
HWElspec-Ltdwszystkie wersjeElspec Ltd G5dfr Firmware
OSElspec-Ltd< 1.2.1.12
Related vulnerabilities
Nieuwierzytelniona korupcja pamięci w Elspec G5 Digital Fault Recorder
Elspec G5 – nieuwierzytelnione uszkodzenie pamięci podczas parsowania XML
An issue was discovered in Elspec G5 digital fault recorder version 1.2.1.12 and earlier. An XML External Enti...
Elspec Engineering G5 Digital Fault Recorder Firmware v1.2.1.12 was discovered to contain a buffer overflow.
An XML External Entity (XXE) vulnerability in Elspec Engineering G5 Digital Fault Recorder Firmware v1.2.1.12 ...