Vulnerability Details CVE-2021-26758
Privilege Escalation in LiteSpeed Technologies OpenLiteSpeed web server version 1.7.8 allows attackers to gain root terminal access and execute commands on the host system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.034
EPSS Ranking 86.9%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 9.0
References
- https://docs.unsafe-inline.com/0day/openlitespeed-web-server-1.7.8-command-injection-to-privilege-escalation-cve-2021-26758
- https://github.com/litespeedtech/openlitespeed/issues/217
- https://www.exploit-db.com/exploits/49556
- https://docs.unsafe-inline.com/0day/openlitespeed-web-server-1.7.8-command-injection-to-privilege-escalation-cve-2021-26758
- https://github.com/litespeedtech/openlitespeed/issues/217
- https://www.exploit-db.com/exploits/49556
Products affected by CVE-2021-26758
-
cpe:2.3:a:litespeedtech:openlitespeed:1.7.8