diff --git a/cves/CVE-2019-12725.yaml b/cves/CVE-2019-12725.yaml index 66da9062b7..0e307e0c21 100644 --- a/cves/CVE-2019-12725.yaml +++ b/cves/CVE-2019-12725.yaml @@ -9,7 +9,7 @@ info: found in ZeroShell 3.9.0 in the "/cgi-bin/kerbynet" url. As sudo is configured to execute /bin/tar without a password (NOPASSWD) it is possible to run root commands using the "checkpoint" tar options. - references: + references: | - https://www.tarlogic.com/advisories/zeroshell-rce-root.txt - https://github.com/X-C3LL/PoC-CVEs/blob/master/CVE-2019-12725/ZeroShell-RCE-EoP.py