| Título | Radarr 5.28.0.10274 Incorrect Default Permissions |
|---|
| Descrição | The Radarr service binary grants Modify or write permissions to the Built-in Users group, local non-privileged users can replace or modify the executable. If the service runs under a high-privilege account (e.g., LocalSystem / SYSTEM) the modified binary may run with elevated privileges after service restart or system reboot. This yields a local privilege escalation path from ordinary user to system. |
|---|
| Fonte | ⚠️ https://github.com/lakshayyverma/CVE-Discovery/blob/main/Radarr.md |
|---|
| Utilizador | lakshay12311 (UID 91298) |
|---|
| Submissão | 28/10/2025 06h26 (há 6 meses) |
|---|
| Moderação | 13/11/2025 16h28 (16 days later) |
|---|
| Estado | Aceite |
|---|
| Entrada VulDB | 332361 [Radarr 5.28.0.10274 Service Radarr.Console.exe Elevação de Privilégios] |
|---|
| Pontos | 19 |
|---|