CVE-2024-48911
OpenCanary Executes Commands From Potentially Writable Config File
CVSS 3.1: 7.8 HIGH
EPSS: 0.22%
Description
OpenCanary, a multi-protocol network honeypot, directly executes commands taken from its config file. Prior to version 0.9.4, where the config file is stored in an unprivileged user's directory but the daemon is run by root, the unprivileged user can edit the config file and escalate privileges when root later runs the daemon. Version 0.9.4 contains a fix for the issue.
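The root cause above is a privileged process trusting a file that a less-privileged user may own or write. A defender-side check for exactly that condition, as an added example that is neither OpenCanary's code nor the 0.9.4 fix: before a root daemon loads a configuration file it verifies that the file is not a symlink, that the file and its parent directory are owned by the expected uid, and that neither is group- or world-writable. The config path, the `trusted_uid` parameter, the `load_trusted_config` wrapper and the placeholder config contents are all assumptions of this example; `demo_scenario` builds a constructed temp directory with one locked-down and one world-writable file so the check runs without root.

```python
import os
import stat
import tempfile

# Added example (not OpenCanary's code): refuse to trust a config file that a
# privileged daemon would load if a less-privileged user could have edited it.


def config_trust_issues(path, trusted_uid=0):
    """Return reasons why `path` must not be trusted by a process running as
    `trusted_uid` (root by default). An empty list means the file passed."""
    issues = []
    # A symlink lets whoever controls the link point the daemon at any file,
    # so refuse it outright rather than following it.
    if os.path.islink(path):
        issues.append(f"{path}: is a symbolic link")
    st = os.stat(path)
    if st.st_uid != trusted_uid:
        issues.append(f"{path}: owned by uid {st.st_uid}, expected uid {trusted_uid}")
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        issues.append(f"{path}: writable by group or others (mode {oct(st.st_mode & 0o777)})")
    # The containing directory matters too: whoever can write it can replace the file.
    parent = os.path.dirname(os.path.abspath(path))
    pst = os.stat(parent)
    if pst.st_uid != trusted_uid:
        issues.append(f"{parent}: directory owned by uid {pst.st_uid}, expected uid {trusted_uid}")
    if pst.st_mode & (stat.S_IWGRP | stat.S_IWOTH) and not pst.st_mode & stat.S_ISVTX:
        issues.append(f"{parent}: directory writable by group or others without sticky bit")
    return issues


def load_trusted_config(path, trusted_uid=0):
    """Hypothetical loader: read the config only after it passes the trust check."""
    issues = config_trust_issues(path, trusted_uid)
    if issues:
        raise PermissionError("refusing to load untrusted config:\n  " + "\n  ".join(issues))
    with open(path, encoding="utf-8") as fh:
        return fh.read()


def demo_scenario():
    """Constructed scenario: one config locked down (0600), one world-writable (0666).
    Uses the current uid as the trusted owner so the demo runs without root."""
    me = os.getuid()
    tmp = tempfile.mkdtemp()  # created with mode 0700 and owned by the caller
    good = os.path.join(tmp, "good.conf")
    bad = os.path.join(tmp, "bad.conf")
    for p in (good, bad):
        with open(p, "w", encoding="utf-8") as fh:
            fh.write('{"placeholder.enabled": true}\n')  # constructed placeholder content
    os.chmod(good, 0o600)
    os.chmod(bad, 0o666)
    return {
        "good": config_trust_issues(good, trusted_uid=me),
        "bad": config_trust_issues(bad, trusted_uid=me),
    }


if __name__ == "__main__":
    for name, found in demo_scenario().items():
        print(name, "->", found or "OK")
```

The directory check is what catches the layout the description names: a config file kept under an unprivileged user's home is rejected even when the file itself happens to be root-owned, because the user controls the directory entry. The sticky-bit exception covers shared directories such as /tmp, where a writable directory does not allow renaming another user's file.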
How to fix CVE-2024-48911
To remediate CVE-2024-48911, upgrade the affected package to a fixed version below.
- upgrade to 0.9.5 or later
- upgrade to 0.9.4 or later
Is CVE-2024-48911 being exploited?
Low — EPSS is 0.2%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 0.9.5
- from 0, < 0.9.4
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 4.0 | — | CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N |
| osv | CVSS 3.1 | HIGH 7.8 | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |