Vulnerability Details CVE-2020-24848
FruityWifi through 2.4 has an unsafe Sudo configuration [(ALL : ALL) NOPASSWD: ALL]. This allows an attacker to perform a system-level (root) local privilege escalation, allowing an attacker to gain complete persistent access to the local system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 6.5%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 7.2
References
Products affected by CVE-2020-24848
-
cpe:2.3:a:fruitywifi_project:fruitywifi:2.0
-
cpe:2.3:a:fruitywifi_project:fruitywifi:2.1
-
cpe:2.3:a:fruitywifi_project:fruitywifi:2.1.1
-
cpe:2.3:a:fruitywifi_project:fruitywifi:2.1.2
-
cpe:2.3:a:fruitywifi_project:fruitywifi:2.1.3
-
cpe:2.3:a:fruitywifi_project:fruitywifi:2.2
-
cpe:2.3:a:fruitywifi_project:fruitywifi:2.3
-
cpe:2.3:a:fruitywifi_project:fruitywifi:2.4