CVE-2022-41572

Published: Jan 7, 2025Modified: Jun 13, 2025

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

An issue was discovered in EyesOfNetwork (EON) through 5.3.11. Privilege escalation can be accomplished on the server because nmap can be run as root. The attacker achieves total control over the server.

Affected (1)

Products: Eyesofnetwork: Eyesofnetwork

Eyesofnetwork

1 product

Eyesofnetwork

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Eyesofnetwork Eyesofnetwork	Up to 5.3-11

Related CWEs

CWE-276

Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

References (2)

https://github.com/EyesOfNetworkCommunity/eonweb/issues/120

Source: cve@mitre.org

Issue Tracking

https://github.com/Orange-Cyberdefense/CVE-repository/

Source: cve@mitre.org

Third Party Advisory

Timeline

No history available yet.