An Uncontrolled Search Path Element (CWE-427) vulnerability in SmartControl version 4.3.15 and versions released before April 15, 2020 may allow an authenticated user to escalate privileges by placing a specially crafted DLL file in the search path. This issue was fixed in version 1.0.7, which was released after April 15, 2020. (Note, the version numbering system changed significantly between version 4.3.15 and version 1.0.7.)
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: rapid7

Published: 2020-08-13T19:05:15.783973Z

Updated: 2024-09-17T01:21:03.461Z

Reserved: 2020-01-21T00:00:00

Link: CVE-2020-7360

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2020-08-13T19:15:14.113

Modified: 2020-08-19T21:26:02.727

Link: CVE-2020-7360

cve-icon Redhat

No data.