| Название | H3C M2 V100R006 Misconfiguration |
|---|
| Описание | In H3C M2 NAS (private cloud storage) V100R006, there is a insecure configuration vulnerability. The device sets both User and Group property in the boa webserver configuration file to root permissions. This violates the principle of least privilege. Any exploit in the web interface can immediately grant root access, leading to total device compromise. |
|---|
| Источник | ⚠️ https://www.notion.so/23f54a1113e7804bae88e76f9fb0cf5b |
|---|
| Пользователь | TPCHECKER (UID 88463) |
|---|
| Представление | 29.07.2025 05:41 (11 месяцы назад) |
|---|
| Модерация | 13.08.2025 07:54 (15 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 319861 [H3C M2 NAS V100R006 Webserver Configuration эскалация привилегий] |
|---|
| Баллы | 15 |
|---|