2020-02-07 14:56:17
hackerone
PUBLISHED
A privilege escalation in the EdgeSwitch prior to version 1.7.1, an CGI script dont fully sanitize the user input resulting in local commands execution, allowing an operator user (Privilege-1) to escalate privileges and became administrator (Privilege-15).