Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2002-0311

4 documents4 sources

Severity

10.0CRITICAL

EPSS

3.7%

top 11.98%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Caldera Openunix Caldera Unixware

Timeline

PublishedMay 31

Latest updateMay 3

Description

Vulnerability in webtop in UnixWare 7.1.1 and Open UNIX 8.0.0 allows local and possibly remote attackers to gain root privileges via shell metacharacters in the -c argument for (1) in scoadminreg.cgi or (2) service_action.cgi.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

▶NVDcaldera/openunix8.0

▶NVDcaldera/unixware7.1.1

Patches

Patch: www.iss.net ↗Patch: www.iss.net ↗

🔴Vulnerability Details

GHSA

GHSA-gr8c-c42r-9w68: Vulnerability in webtop in UnixWare 7↗2022-05-03

▶

CVEList

CVE-2002-0311: Vulnerability in webtop in UnixWare 7↗2002-05-03

▶

💥Exploits & PoCs

Exploit-DB

Caldera UnixWare 7.1.1 - WebTop 'SCOAdminReg.cgi' Arbitrary Command Execution↗2002-01-20

▶