FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

znc -- privilege escalation

Affected packages
znc < 1.7.4

Details

VuXML ID 6f15730d-94ea-11e9-a83e-641c67a117d8
Discovery 2019-06-13
Entry 2019-06-22

Mitre reports:

Modules.cpp in ZNC before 1.7.4-rc1 allows remote authenticated non-admin users to escalate privileges and execute arbitrary code by loading a module with a crafted name.

References

CVE Name CVE-2019-12816
URL https://wiki.znc.in/ChangeLog/1.7.4