CVE-2021-45809

Multiple versions of GlobalProtect-openconnect are affected by incorrect access control in GPService through DBUS, GUI Application. The way GlobalProtect-Openconnect is set up enables arbitrary users to execute commands as root by submitting the `–script=<script>` parameter.

Original Article

Leave a Reply

Your email address will not be published. Required fields are marked *