| Título | H3C M2 V100R006 Misconfiguration |
|---|
| Descripción | In H3C M2 NAS (private cloud storage) V100R006, there is a insecure configuration vulnerability. The device sets both User and Group property in the boa webserver configuration file to root permissions. This violates the principle of least privilege. Any exploit in the web interface can immediately grant root access, leading to total device compromise. |
|---|
| Fuente | ⚠️ https://www.notion.so/23f54a1113e7804bae88e76f9fb0cf5b |
|---|
| Usuario | TPCHECKER (UID 88463) |
|---|
| Sumisión | 2025-07-29 05:41 (hace 11 meses) |
|---|
| Moderación | 2025-08-13 07:54 (15 days later) |
|---|
| Estado | Aceptado |
|---|
| Entrada de VulDB | 319861 [H3C M2 NAS V100R006 Webserver Configuration escalada de privilegios] |
|---|
| Puntos | 15 |
|---|