Name of the Vulnerable Software and Affected Versions:

AK-Nord USB-Server-LXL Firmware version 0.0.16 Build 2023-03-13

Description:

Insecure permissions within the `/etc/init.d/lighttpd` script allow a locally authenticated low-privilege user to execute arbitrary commands with root privileges. This is achieved by modifying the script, which is executed with root privileges during system boot and on any interaction.

Recommendations:

Ensure the `/etc/init.d/lighttpd` script has appropriate permissions to prevent unauthorized modification.