Digi ConnectPort X2e before 3.2.30.6 allows an attacker to escalate privileges from the python user to root via a symlink attack that uses chown, related to /etc/init.d/S50dropbear.sh and the /WEB/python/.ssh directory.
CPE | Name | Operator | Version |
---|---|---|---|
connectport_x2e_firmware | lt | 3.2.30.6 |