CVE-2024-10526

HIGH Year: 2024
Weakness Type
CWE-552
View all →

Vulnerability Description

Rapid7 Velociraptor MSI Installer versions below 0.73.3 suffer from a vulnerability whereby it creates the installation directory with WRITE_DACL permission to the BUILTIN\\Users group. This allows local users who are not administrators to grant themselves the Full Control permission on Velociraptor's files. By modifying Velociraptor's files, local users can subvert the binary and cause the Velociraptor service to execute arbitrary code as the SYSTEM user, or to replace the Velociraptor binary completely. This issue is fixed in version 0.73.3.

Related Vulnerabilities

CVE-2024-39931

CRITICAL
CVSS:9.9(Critical)

Gogs through 0.13.0 allows deletion of internal files.

CWE-5522024

CVE-2017-10930

CRITICAL
CVSS:9.8(Critical)

The ZXR10 1800-2S before v3.00.40 incorrectly restricts access to a resource from an unauthorized actor, resulting in ordinary users being able to download configuration files to steal information lik...

CWE-5522017

CVE-2017-14942

CRITICAL
CVSS:9.8(Critical)

Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin:...

CWE-5522017

CVE-2020-12743

CRITICAL
CVSS:9.8(Critical)

An issue was discovered in Gazie 7.32. A successful installation does not remove or block (or in any other way prevent use of) its own file /setup/install/setup.php, meaning that anyone can request it...

CWE-5522020

CVE-2023-29931

CRITICAL
CVSS:9.8(Critical)

laravel-s 3.7.35 is vulnerable to Local File Inclusion via /src/Illuminate/Laravel.php.

CWE-5522023

CVE-2023-48710

CRITICAL
CVSS:9.8(Critical)

iTop is an IT service management platform. Files from the `env-production` folder can be retrieved even though they should have restricted access. Hopefully, there is no sensitive files stored in that...

CWE-5522023