CVE-2022-37706

CVSS 7.8 HIGHEPSS 5.5%CWE-269

enlightenment_sys in Enlightenment before 0.25.4 allows local users to gain privileges because it is setuid root, and the system library function mishandles pathnames that begin with a /dev/.. substring.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

n/a · n/a

public PoCs found — 8

githubgithub.com/MaherAzzouzi/CVE-2022-37706-LPE-exploit★ 323 githubgithub.com/ECU-10525611-Xander/CVE-2022-37706★ 2 githubgithub.com/KaoXx/CVE-2022-37706★ 1 githubgithub.com/d3ndr1t30x/CVE-2022-37706★ 1 githubgithub.com/sanan2004/CVE-2022-37706★ 0 githubgithub.com/junnythemarksman/CVE-2022-37706★ 0 githubgithub.com/TACTICAL-HACK/CVE-2022-37706-SUID★ 0 exploitdbwww.exploit-db.com/exploits/51180unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://git.enlightenment.org/enlightenment/enlightenment/commit/cae78cbb169f237862faef123e4abaf63a1f5064 https://git.enlightenment.org/enlightenment/enlightenment/commit/cc7faeccf77fef8b0ae70e312a21e4cde087e141 https://github.com/MaherAzzouzi/CVE-2022-37706-LPE-exploit