Home / exploitsPDF  

Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Modification

Posted on 19 August 2023

Cisco ThousandEyes Enterprise Agent Virtual Appliance version thousandeyes-va-64-18.04 0.218 suffers from an unpatched vulnerability in sudoedit, allowed by sudo configuration, which permits a low-privilege user to modify arbitrary files as root and subsequently execute arbitrary commands as root.

 

TOP