CVE-2020-11498

HIGH

Slack Nebula < 1.1.0 - Path Traversal and Arbitrary Code Execution via tun_darwin.go or tun_windows.go

Title source: llm
STIX 2.1

Description

Slack Nebula through 1.1.0 contains a relative path vulnerability that allows a low-privileged attacker to execute code in the context of the root user via tun_darwin.go or tun_windows.go. A user can also use Nebula to execute arbitrary code in the user's own context, e.g., for user-level persistence or to bypass security controls. NOTE: the vendor states that this "requires a high degree of access and other preconditions that are tough to achieve."

References (2)

Core 2
Core References
Patch, Third Party Advisory x_refsource_misc
https://github.com/slackhq/nebula/pull/191

Scores

CVSS v3 8.8
EPSS 0.0340
EPSS Percentile 87.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-22
Status published
Products (1)
slack/nebula < 1.1.0
Published Apr 02, 2020
Tracked Since Feb 18, 2026