Arbitrary Execution of ndspath Binary with Root Privileges

Arbitrary Execution of ndspath Binary with Root Privileges

CVE-2018-19636 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

Supportutils, before version 3.1-5.7.1, when run with command line argument -A searched the file system for a ndspath binary. If an attacker provides one at an arbitrary location it is executed with root privileges

Learn more about our Web Application Penetration Testing UK.