Vulnerability Details CVE-2015-7378
Panda Security URL Filtering before 4.3.1.9 uses a weak ACL for the "Panda Security URL Filtering" directory and installed files, which allows local users to gain SYSTEM privileges by modifying Panda_URL_Filteringb.exe.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 61.2%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 7.2
References
- http://packetstormsecurity.com/files/136607/Panda-Security-URL-Filtering-Privilege-Escalation.html
- http://seclists.org/fulldisclosure/2016/Apr/25
- https://www.exploit-db.com/exploits/39670/
- http://packetstormsecurity.com/files/136607/Panda-Security-URL-Filtering-Privilege-Escalation.html
- http://seclists.org/fulldisclosure/2016/Apr/25
- https://www.exploit-db.com/exploits/39670/
Products affected by CVE-2015-7378
-
cpe:2.3:a:watchguard:panda_url_filtering:4.3.1.8