Home / os / wince

Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation

Posted on 19 August 2023

Cisco ThousandEyes Enterprise Agent Virtual Appliance version thousandeyes-va-64-18.04 0.218 has an insecure sudo configuration which permits a low-privilege user to run arbitrary commands as root via the tcpdump command without a password.

 

TOP