| タイトル | https://github.com/exelban Stats < v2.11.22 Local Privilege Escalation |
|---|
| 説明 | The Stats application is vulnerable to a local privilege escalation due to the insecure implementation of its XPC service. The XPC server does not enforce client validation, and exposed methods are vulnerable to multiple command injection vulnerabilities. As a result, any client can connect to the XPC server and call vulnerable methods to execute arbitrary command as root. |
|---|
| ソース | ⚠️ https://winslow1984.com/books/cve-collection/page/stats-v21122-local-privilege-escalation |
|---|
| ユーザー | winslow1984 (UID 79140) |
|---|
| 送信 | 2025年01月01日 23:02 (1 年 ago) |
|---|
| モデレーション | 2025年01月11日 20:17 (10 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 291269 [exelban stats 迄 2.11.21 XPC Service shouldAcceptNewConnection 特権昇格] |
|---|
| ポイント | 18 |
|---|