Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-32019— ndsudo: local privilege escalation via untrusted search path

CVSS 8.8 · High EPSS 0.58% · P69
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-32019

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
ndsudo: local privilege escalation via untrusted search path
Source: NVD (National Vulnerability Database)
Vulnerability Description
Netdata is an open source observability tool. In affected versions the `ndsudo` tool shipped with affected versions of the Netdata Agent allows an attacker to run arbitrary programs with root permissions. The `ndsudo` tool is packaged as a `root`-owned executable with the SUID bit set. It only runs a restricted set of external commands, but its search paths are supplied by the `PATH` environment variable. This allows an attacker to control where `ndsudo` looks for these commands, which may be a path the attacker has write access to. This may lead to local privilege escalation. This vulnerability has been addressed in versions 1.45.3 and 1.45.2-169. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
不可信的搜索路径
Source: NVD (National Vulnerability Database)
Vulnerability Title
Netdata 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Netdata是Netdata开源的一个高保真基础设施监控和故障排除应用程序。 Netdata存在安全漏洞。攻击者利用该漏洞以 root 权限运行任意程序。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
netdatanetdata >= 1.45.0, < 1.45.3 -

II. Public POCs for CVE-2024-32019

#POC DescriptionSource LinkShenlong Link
1POC for netdata ndsudo vulnerability - CVE-2024-32019https://github.com/AzureADTrent/CVE-2024-32019-POCPOC Details
2CVE-2024-32019 is a high-severity local privilege escalation vulnerability in Netdata (versions >= 1.44.0-60 < 1.45.3), caused by insecure use of the PATH variable in the ndsudo SUID binary, allowing attackers to execute arbitrary commands as root.https://github.com/dollarboysushil/CVE-2024-32019-Netdata-ndsudo-PATH-Vulnerability-Privilege-EscalationPOC Details
3Netdata ndsudo local privilage escalation workflow and POC (CVE-2024-32019)https://github.com/juanbelin/CVE-2024-32019-POCPOC Details
4Netdata ndsudo PoChttps://github.com/C0deInBlack/CVE-2024-32019-pocPOC Details
5Nonehttps://github.com/sPhyos/cve-2024-32019-PoCPOC Details
6Nonehttps://github.com/x0da6h/POC-for-CVE-2024-32019POC Details
7Netdata ndsudo Privilege Escalation PoChttps://github.com/T1erno/CVE-2024-32019-Netdata-ndsudo-Privilege-Escalation-PoCPOC Details
8This is an alternative poc for the CVE-2024-32019 written in python https://github.com/hexared/CVE-2024-32019_pocPOC Details
9Privilege Escalation via "ndsudo" (Netdata Local Exploit)https://github.com/80Ottanta80/CVE-2024-32019-PoCPOC Details
10Python implementation of Netdata LPE exploithttps://github.com/julichaan/CVE-2024-32019-ndsudo-local-privilege-escalation-NetDataPOC Details
11NDSUDO Vulnerability Exploithttps://github.com/justjoeyking/CVE-2024-32019-ndsudoPOC Details
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2024-32019

登录查看更多情报信息。

IV. Related Vulnerabilities

Same product: netdata
Same vendor: netdata
Same weakness: CWE-426

V. Comments for CVE-2024-32019

No comments yet

Leave a comment