Product: FileCloud Version: (, 21.3.5.18513) - Tested on version 21.3.5.18513 CVSS : 9.1 - CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H Vulnerability: Remote Code Execution
Condition - You must have sudo permission on nginx
:
user@host:~$ sudo -l
Matching Defaults entries for user on host:
env_reset, mail_badpass, secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin\:/snap/bin, use_pty
User user may run the following commands on host: