Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Kloxo <= 6.1.12 Local Privilege Escalation
Vulnerability Description
Kloxo versions 6.1.12 and earlier contain two setuid root binaries—lxsuexec and lxrestart—that allow local privilege escalation from uid 48. The lxsuexec binary performs a uid check and permits execution of arbitrary commands as root if the invoking user matches uid 48. This flaw enables attackers with Apache-level access to escalate privileges to root without authentication.
CVSS Information
N/A
Vulnerability Type
特权管理不恰当
Vulnerability Title
Kloxo 安全漏洞
Vulnerability Description
Kloxo是LxCenter开源的一个托管平台。 Kloxo 6.1.12及之前版本存在安全漏洞,该漏洞源于lxsuexec和lxrestart二进制文件存在本地权限提升问题,可能导致执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A