Skip to main content
CVE-2018-14055 MEDIUM PATCH This Month

ZNC before 1.7.1-rc1 does not properly validate untrusted lines coming from the network, allowing a non-admin user to escalate his privilege and inject rogue values into znc.conf. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Znc Debian Linux
NVD GitHub
CVSS 3.0
6.5
EPSS
1.5%
CVE-2018-14056 MEDIUM PATCH This Month

ZNC before 1.7.1-rc1 is prone to a path traversal flaw via ../ in a web skin name to access files outside of the intended skins directories. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Path Traversal Znc Debian Linux
NVD GitHub
CVSS 3.0
5.3
EPSS
2.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy