| Título | https://github.com/exelban Stats < v2.11.22 Local Privilege Escalation |
|---|
| Descrição | The Stats application is vulnerable to a local privilege escalation due to the insecure implementation of its XPC service. The XPC server does not enforce client validation, and exposed methods are vulnerable to multiple command injection vulnerabilities. As a result, any client can connect to the XPC server and call vulnerable methods to execute arbitrary command as root. |
|---|
| Fonte | ⚠️ https://winslow1984.com/books/cve-collection/page/stats-v21122-local-privilege-escalation |
|---|
| Utilizador | winslow1984 (UID 79140) |
|---|
| Submissão | 01/01/2025 23h02 (há 1 Ano) |
|---|
| Moderação | 11/01/2025 20h17 (10 days later) |
|---|
| Estado | Aceite |
|---|
| Entrada VulDB | 291269 [exelban stats até 2.11.21 XPC Service shouldAcceptNewConnection Elevação de Privilégios] |
|---|
| Pontos | 18 |
|---|