CVE-2022-41572

An issue was discovered in EyesOfNetwork (EON) through 5.3.11. Privilege escalation can be accomplished on the server because nmap can be run as root. The attacker achieves total control over the server.
Configurations

Configuration 1 (hide)

cpe:2.3:a:eyesofnetwork:eyesofnetwork:*:*:*:*:*:*:*:*

History

13 Jun 2025, 15:10

Type Values Removed Values Added
References () https://github.com/EyesOfNetworkCommunity/eonweb/issues/120 - () https://github.com/EyesOfNetworkCommunity/eonweb/issues/120 - Issue Tracking
References () https://github.com/Orange-Cyberdefense/CVE-repository/ - () https://github.com/Orange-Cyberdefense/CVE-repository/ - Third Party Advisory
CPE cpe:2.3:a:eyesofnetwork:eyesofnetwork:*:*:*:*:*:*:*:*
First Time Eyesofnetwork
Eyesofnetwork eyesofnetwork

08 Jan 2025, 15:15

Type Values Removed Values Added
Summary
  • (es) Se descubrió un problema en EyesOfNetwork (EON) hasta la versión 5.3.11. La escalada de privilegios se puede lograr en el servidor porque nmap se puede ejecutar como superusuario. El atacante logra el control total sobre el servidor.
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8
CWE CWE-276

07 Jan 2025, 20:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-01-07 20:15

Updated : 2025-06-13 15:10


NVD link : CVE-2022-41572

Mitre link : CVE-2022-41572

CVE.ORG link : CVE-2022-41572


JSON object : View

Products Affected

eyesofnetwork

  • eyesofnetwork
CWE
CWE-276

Incorrect Default Permissions