Keith Gable

**Name of the Vulnerable Software and Affected Versions** The Ignition Project ignitionServer versions 0.1.2 through 0.1.2-R2 **Description** The issue allows remote authenticated users with local IRC operator privileges to obtain global IRC operator privileges. This is achieved by using the unofficial `umode` command with the `+ORD` argument. **Recommendations** For versions 0.1.2 through 0.1.2-R2, consider restricting access to the `umode` command or removing the `+ORD` argument functionality to prevent exploitation until a patch is available.