CVE-2020-25507 (teamwork_cloud)

An incorrect permission assignment (chmod 777) of /etc/environment during the installation script of No Magic TeamworkCloud 18.0 through 19.0 allows any local unprivileged user to write to /etc/environment. An attacker can escalate to root by writing arbitrary code to this file, which would be executed by root during the next login, reboot, or sourcing of the environment.

View Full Alert

Leave a Reply