| Título | H3C M2 V100R006 Misconfiguration |
|---|
| Descrição | In H3C M2 NAS (private cloud storage) V100R006, there is a insecure configuration vulnerability. The device sets both User and Group property in the boa webserver configuration file to root permissions. This violates the principle of least privilege. Any exploit in the web interface can immediately grant root access, leading to total device compromise. |
|---|
| Fonte | ⚠️ https://www.notion.so/23f54a1113e7804bae88e76f9fb0cf5b |
|---|
| Utilizador | TPCHECKER (UID 88463) |
|---|
| Submissão | 29/07/2025 05h41 (há 11 meses) |
|---|
| Moderação | 13/08/2025 07h54 (15 days later) |
|---|
| Estado | Aceite |
|---|
| Entrada VulDB | 319861 [H3C M2 NAS V100R006 Webserver Configuration Elevação de Privilégios] |
|---|
| Pontos | 15 |
|---|