CVE-2012-10022
Published 2025-08-01
Priority P3 55 | high 8.5 CVSS 4.0
Vector: AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EXPLOIT
EPSS: 0.44% (34.9th percentile)
Kloxo versions 6.1.12 and earlier contain two setuid root binaries—lxsuexec and lxrestart—that allow local privilege escalation from uid 48. The lxsuexec binary performs a uid check and permits execution of arbitrary commands as root if the invoking user matches uid 48. This flaw enables attackers with Apache-level access to escalate privileges to root without authentication.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| lxcenter | kloxo | <= 6.1.12 | — |
No detection rules found.
No writeups or analysis indexed.
- https://github.com/KloxoNGCommunity/kloxo
- https://kloxo.org/
- https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/local/kloxo_lxsuexec.rb
- https://web.archive.org/web/20121122063935/http://roothackers.net/showthread.php?tid=92
- https://www.exploit-db.com/exploits/25406
- https://www.vulncheck.com/advisories/kloxo-local-priv-esc
Published: 2025-08-01