Unknown · Ak-Nord Usb-Server-Lxl · CVE-2025-52361
**Name of the Vulnerable Software and Affected Versions**
AK-Nord USB-Server-LXL Firmware version 0.0.16 Build 2023-03-13
**Description**
Insecure permissions within the `/etc/init.d/lighttpd` script allow a locally authenticated low-privilege user to execute arbitrary commands with root privileges. This is achieved by modifying the script, which is executed with root privileges during system boot and on any interaction.
**Recommendations**
Ensure the `/etc/init.d/lighttpd` script has appropriate permissions to prevent unauthorized modification.