CVE-2013-4481

LOW

—CVSS v3

1.9CVSS v2

0.08% EPSS (exploit probability)

CWE-362CWE

Description

Race condition in Luci 0.26.0 creates /var/lib/luci/etc/luci.ini with world-readable permissions before restricting the permissions, which allows local users to read the file and obtain sensitive information such as "authentication secrets."

Affected routers (0)

No routers currently mapped to this CVE in our database.

External references

NIST NVD
MITRE CVE