Main Vulnerability Database Exploits ID:10187 - Exploit for Command Injection in Enlightenment - CVE-2022-37706

ID:10187 - Exploit for Command Injection in Enlightenment - CVE-2022-37706

Published: July 5, 2024

Vulnerability identifier: #VU67606

Vulnerability risk: Low

CVE-ID: CVE-2022-37706

CWE-ID: CWE-77

Exploitation vector: Local access

Vulnerable software:
Enlightenment

Link to public exploit:

https://github.com/AleksPwn/CVE-2022-37706

Vulnerability description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper input validation in the window manager. A local unprivileged user can inject and execute arbitrary OS commands with root privileges.

Remediation

Install updates from vendor's website.

ID:10187 - Exploit for Command Injection in Enlightenment - CVE-2022-37706

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human