← Back

Xerosecurity

xerosecurity

2 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Sn1per
sn1per
2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-39274
1Xerosecurity
1Sn1per
Nov 21, 2024
Aug 19, 2021
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
In XeroSecurity Sn1per 9.0 (free version), insecure directory permissions (0777) are set during installation, allowing an unprivileged user to modify the main application and the application configuration file. This resu...Show more
In XeroSecurity Sn1per 9.0 (free version), insecure directory permissions (0777) are set during installation, allowing an unprivileged user to modify the main application and the application configuration file. This results in arbitrary code execution with root privileges.Show less
CVE-2021-39273
1Xerosecurity
1Sn1per
Nov 21, 2024
Aug 19, 2021
N/A· v4
8.8 HIGH· v3
9.0 HIGH· v2
In XeroSecurity Sn1per 9.0 (free version), insecure permissions (0777) are set upon application execution, allowing an unprivileged user to modify the application, modules, and configuration files. This leads to arbitrar...Show more
In XeroSecurity Sn1per 9.0 (free version), insecure permissions (0777) are set upon application execution, allowing an unprivileged user to modify the application, modules, and configuration files. This leads to arbitrary code execution with root privileges.Show less