CVE-2020-36772

MEDIUM

CloudLinux CageFS <7.0.8.2 - Info Disclosure

Title source: llm

Description

CloudLinux CageFS 7.0.8-2 or below insufficiently restricts file paths supplied to the sendmail proxy command. This allows local users to read and write arbitrary files of certain file formats outside the CageFS environment.

References (4)

[Various Sources] https://github.com/sbaresearch/advisories/tree/public/2020/SBA-ADV-20200707-02_CloudLinux_CageFS_Insufficiently_Restricted_Proxy_Commands

View Writeup ZIP pw:eip

[Exploit, Third Party Advisory, VDB Entry] http://packetstormsecurity.com/files/176791/CloudLinux-CageFS-7.0.8-2-Insufficiently-Restricted-Proxy-Command.html

[Exploit, Mailing List, Third Party Advisory] http://seclists.org/fulldisclosure/2024/Jan/25

[Release Notes] https://blog.cloudlinux.com/lve-manager-lve-stats-lve-utils-and-alt-python27-cllib-have-been-rolled-out-to-100

Scores

CVSS v3 4.4

EPSS 0.0002

EPSS Percentile 6.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-610 CWE-73

Status published

Products (1)

cloudlinux/cagefs < 7.1.1-1

Published Jan 22, 2024

Tracked Since Feb 18, 2026