← Back

V2rayl Project

v2rayl_project

2 CVEs • 1 product

Products (1)

Click to collapse
Toggle
V2rayl
v2rayl
2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-10589
1V2rayl Project
1V2rayl
Nov 21, 2024
Mar 15, 2020
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
v2rayL 2.1.3 allows local users to achieve root access because /etc/v2rayL/config.json is owned by a low-privileged user but contains commands that are executed as root, after v2rayL.service is restarted via Sudo.
CVE-2020-10588
1V2rayl Project
1V2rayl
Nov 21, 2024
Mar 15, 2020
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
v2rayL 2.1.3 allows local users to achieve root access because /etc/v2rayL/add.sh and /etc/v2rayL/remove.sh are owned by a low-privileged user but execute as root via Sudo.