Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Privilege escalation vulnerability in Lamassu Bitcoin ATM Douro machines
Vulnerability Description
Privilege escalation vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version, which could allow a local user to acquire root permissions by modifying the updatescript.js, inserting special code inside the script and creating the done.txt file. This would cause the watchdog process to run as root and execute the payload stored in the updatescript.js.
CVSS Information
CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
特权管理不恰当
Vulnerability Title
Lamassu Bitcoin ATM Douro 安全漏洞
Vulnerability Description
Lamassu Bitcoin ATM Douro是Lamassu公司的一个比特币ATM机。 Lamassu Bitcoin ATM Douro 7.1版本存在安全漏洞。攻击者利用该漏洞可以获取root权限并执行 updatescript.js 中存储的有效载荷。
CVSS Information
N/A
Vulnerability Type
N/A