server.cpp in MyServer 0.8.5 calls Process::setuid before calling Process::setgid and thus does not properly drop privileges, which might allow remote attackers to execute CGI programs with unintended privileges.

Threat-Mapped Scoring

Score: 0.0

Priority: Unclassified

EPSS

Score: 0.00567
Percentile: 0.67505

CVSS Scoring

Affected Products

• cpe:2.3:a:myserver:myserver:0.8.5:*:*:*:*:*:*:*

← Back to Home