CNNVD-202508-091 Information
CNNVD ID
CNNVD-202508-091
Related CVE
- CNNVD Published: 2025-08-01
Description (Chinese)
Kloxo是LxCenter开源的一个托管平台。 Kloxo 6.1.12及之前版本存在安全漏洞,该漏洞源于lxsuexec和lxrestart二进制文件存在本地权限提升问题,可能导致执行任意命令。
Description (English)
Kloxo is a hosting platform for the LxCenter open source. There is a security loophole in Kloxo 6.1.12 and earlier versions, which stems from the problem of lxsuexec and lxrestart binary files with local rights enhancement, which may lead to the execution of arbitrary orders.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
LxCenter
Published
2025-08-01
Last Modified
2026-02-24
References
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/local/kloxo_lxsuexec.rb https://github.com/KloxoNGCommunity/kloxo http://roothackers.net/showthread.php?tid=92 https://web.archive.org/web/20121122063935/ https://www.exploit-db.com/exploits/25406 https://kloxo.org/ https://www.vulncheck.com/advisories/kloxo-local-priv-esc https://access.redhat.com/security/cve/cve-2012-10022
Patch
https://github.com/KloxoNGCommunity/kloxo/releases
Share on: