CVE-2024-7062

Name of the Vulnerable Software and Affected Versions Nimble Commander (affected versions not specified)

Description The issue arises from the server's improper validation of a client's authorization, specifically in the info.filesmanager.Files.PrivilegedIOHelperV2 component. This allows for the execution of system-level commands as the root user, including changing permissions and ownership, obtaining a handle of an arbitrary file, and terminating processes.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.