A bug in the 9p authentication implementation within lib9p allows an attacker with an existing valid user within the configured auth server to impersonate any other valid filesystem user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.
Authentication Bypass
Lib9P
NVD
CVSS 4.0
8.8
EPSS
0.4%