EyesOfNetwork 5.1 module/tool_all/ host privilege escalation – Digitalmunition

Exploit/Advisories Cybersecurity study of the dark web exposes vulnerability to machine identities -- ScienceDaily

Published on August 17th, 2019 📆 | 2351 Views ⚑


EyesOfNetwork 5.1 module/tool_all/ host privilege escalation

CVSS Meta Temp ScoreCurrent Exploit Price (≈)

A vulnerability, which was classified as critical, has been found in EyesOfNetwork 5.1. Affected by this issue is some unknown processing of the file module/tool_all/. The manipulation of the argument host as part of a Shell Metacharacter leads to a privilege escalation vulnerability (Command). Using CWE to declare the problem leads to CWE-269. Impacted is confidentiality, integrity, and availability.

The weakness was presented 08/16/2019. This vulnerability is handled as CVE-2019-14923 since 08/10/2019. The attack may be launched remotely. Technical details are known, but there is no available exploit. The structure of the vulnerability defines a possible price range of USD $0-$5k at the moment (estimation calculated on 08/17/2019).

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.


VulDB Meta Base Score: 6.3
VulDB Meta Temp Score: 6.3

VulDB Base Score: ≈6.3
VulDB Temp Score: ≈6.3
VulDB Vector: 🔒
VulDB Reliability: 🔍

VulDB Base Score: 🔒
VulDB Temp Score: 🔒
VulDB Reliability: 🔍
Class: Privilege escalation / Command (CWE-269)
Local: No
Remote: Yes

Availability: 🔒
Status: Not defined

Price Prediction: 🔍
Current Price Estimation: 🔒

Threat Intelligenceinfoedit

Threat: 🔍
Adversaries: 🔍
Geopolitics: 🔍
Economy: 🔍
Predictions: 🔍
Remediation: 🔍Recommended: no mitigation known

0-Day Time: 🔒

08/10/2019 CVE assigned
08/16/2019 +6 days Advisory disclosed
08/17/2019 +1 days VulDB entry created
08/17/2019 +0 days VulDB last update
CVE: CVE-2019-14923 (🔒)Created: 08/17/2019 08:36 AM
Complete: 🔍

Download it now for free!


Tagged with:

Leave a Reply