CVE-2024-36814 – github.com/adguardteam/adguardhome

Package

Manager: go
Name: github.com/adguardteam/adguardhome
Vulnerable Version: >=0 <0.107.53

Severity

Level: High

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

EPSS: 0.00721 pctl0.7165

Details

Adguard Home arbitrary file read vulnerability An arbitrary file read vulnerability in Adguard Home before v0.107.52 allows authenticated attackers to access arbitrary files as root on the underlying Operating System via placing a crafted file into a readable directory.

Metadata

Created: 2024-10-08T21:31:09Z
Modified: 2024-10-11T16:49:13Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/10/GHSA-9cp9-8gw2-8v7m/GHSA-9cp9-8gw2-8v7m.json
CWE IDs: ["CWE-22"]
Alternative ID: GHSA-9cp9-8gw2-8v7m
Finding: F063
Auto approve: 1