CVE-2022-37706

Related Files

Enlightenment 0.25.3 Privilege Escalation

Posted Dec 27, 2022

Authored by nu11secur1ty

Enlightenment version 0.25.3 suffers from a local privilege escalation vulnerability.

tags | exploit, local

advisories | CVE-2022-37706

SHA-256 | e93489fd26e004d0d8880e5321f8ef4bf09f86a9c280083061f1af59051648cf

Download | Favorite | View

Ubuntu 22.04.1 X64 Desktop Enlightenment 0.25.3-1 Privilege Escalation

Posted Oct 5, 2022

Authored by h00die, Maher Azzouzi | Site metasploit.com

This Metasploit module exploits a command injection within Enlightenment's enlightenment_sys binary. This is done by calling the mount command and feeding it paths which meet all of the system requirements, but execute a specific path as well due to a semi-colon being used. This module was tested on Ubuntu 22.04.1 X64 Desktop with enlightenment 0.25.3-1 (current at module write time).

tags | exploit

systems | linux, ubuntu

advisories | CVE-2022-37706

SHA-256 | 2d952d42924466b709a23b5f40edb0a8dcb5cde23f8d5e429d729b94fe696986

Download | Favorite | View

Debian Security Advisory 5233-1

Posted Sep 28, 2022

Authored by Debian | Site debian.org

Debian Linux Security Advisory 5233-1 - Maher Azzouzi discovered that missing input sanitising in the Enlightenment window manager may result in local privilege escalation to root.

tags | advisory, local, root

systems | linux, debian

advisories | CVE-2022-37706

SHA-256 | 038bc6131b6fd2cfa407d7ba8198b1856f3aa45cd0d7b1b66c8e56e410074926

Download | Favorite | View