CVE-2020-28169
CVE-2020-28169
The td-agent-builder plugin before 2020-12-18 for Fluentd allows attackers to gain privileges because the bin directory is writable by a user account, but a file in bin is executed as NT AUTHORITY\SYSTEM.
Affected products
n/a · n/apublic PoCs found — 3
githubgithub.com/zubrahzz/FluentD-TD-agent-Exploit-CVE-2020-28169★ 0cve_referencepacketstormsecurity.com/files/160791/Fluentd-TD-agent-4.0.1-Insecure-Folder-Permission.htmlunverifiedexploitdbwww.exploit-db.com/exploits/49363unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://packetstormsecurity.com/files/160791/Fluentd-TD-agent-4.0.1-Insecure-Folder-Permission.htmlhttps://docs.fluentd.org/installation/install-by-msihttps://github.com/fluent/fluentd/issues/3201https://github.com/fluent-plugins-nursery/td-agent-builder/pull/247/commits/6f9cb6393392d62caa99907c0ebbcbab6b94a3f1https://github.com/kenhys/td-agent-builder/commit/eec6e2dedf12f2e0c01c2bbe7b8c15b639b3b938https://td-agent-package-browser.herokuapp.com/4/windowshttps://www.debian.org/security/2021/dsa-4949https://www.fluentd.org/