CVE-2020-24848

Published
View on NVD ↗
CVSS v3
7.8
HIGH
CVSS v2
7.2
HIGH
Affected
1
PROJECT

Description

FruityWifi through 2.4 has an unsafe Sudo configuration [(ALL : ALL) NOPASSWD: ALL]. This allows an attacker to perform a system-level (root) local privilege escalation, allowing an attacker to gain complete persistent access to the local system.

xtr4nge/FruityWifi
xtr4nge/FruityWifi
FruityWiFi is a wireless network auditing tool. The application can be installed in any Debian based system (Jessie) adding the extra packages. Tested in Debian, Kali Linux, Kali Linux ARM (Raspberry Pi), Raspbian (Raspberry Pi), Pwnpi (Raspberry Pi), Bugtraq, NetHunter.
GitHubGitHub
2.27K