PT-2026-3152 · Unknown · Laravel Valet
Leonjza
·
Publicado
2026-01-15
·
Atualizado
2026-01-21
·
CVE-2021-47756
CVSS v3.1
8.4
Alta
| Vetor | AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Laravel Valet versions 1.1.4 through 2.0.3
Description
Laravel Valet versions 1.1.4 to 2.0.3 have a local privilege escalation issue. An attacker can modify the valet command to execute arbitrary code with root permissions without needing further authentication. This is achieved by editing the symlinked valet command.
Recommendations
Update Laravel Valet to a version later than 2.0.3.
Exploit
Correção
LPE
Incorrect Permission
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Laravel Valet