Home
HIGH: 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HDefault status
unaffected
0.0.0 (semver) before 1.7.3
affected
Default status
unaffected
0.0.0 (semver) before 1.7.3
affected
Default status
unaffected
0.0.0 (semver) before 1.7.3
affected
Default status
unaffected
0.0.0 (semver) before 1.7.3
affected
Description
An unauthenticated local attacker can inject a command that is subsequently executed as root, leading to a privilege escalation.
Problem types
CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Product status
0.0.0 (semver) before 1.7.3
0.0.0 (semver) before 1.7.3
0.0.0 (semver) before 1.7.3
0.0.0 (semver) before 1.7.3
Credits
HT3 Labs
References
certvde.com/de/advisories/VDE-2025-019