CVE-2020-19005

CVE-2020-19005

EPSS 0.7%

zrlog v2.1.0 has a vulnerability with the permission check. If admin account is logged in, other unauthorized users can download the database backup file directly.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/94fzb/zrlog/commit/b2b4415e2e59b6f18b0a62b633e71c96d63c43ba https://github.com/94fzb/zrlog/issues/48