Vulnerabilities > Eternal Terminal Project > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-02-16 CVE-2023-23558 Link Following vulnerability in Eternal Terminal Project Eternal Terminal 6.2.1
In Eternal Terminal 6.2.1, TelemetryService uses fixed paths in /tmp.
local
high complexity
eternal-terminal-project CWE-59
6.3
6.3
2023-01-13 CVE-2022-48257 Incorrect Permission Assignment for Critical Resource vulnerability in Eternal Terminal Project Eternal Terminal 6.2.1
In Eternal Terminal 6.2.1, etserver and etclient have predictable logfile names in /tmp.
network
low complexity
eternal-terminal-project CWE-732
5.3
5.3
2023-01-13 CVE-2022-48258 Unspecified vulnerability in Eternal Terminal Project Eternal Terminal 6.2.1
In Eternal Terminal 6.2.1, etserver and etclient have world-readable logfiles.
network
low complexity
eternal-terminal-project
5.3
5.3
2022-08-16 CVE-2022-24952 Improper Input Validation vulnerability in Eternal Terminal Project Eternal Terminal
Several denial of service vulnerabilities exist in Eternal Terminal prior to version 6.2.0, including a DoS triggered remotely by an invalid sequence number and a local bug triggered by invalid input sent directly to the IPC socket.
network
low complexity
eternal-terminal-project CWE-20
6.5
6.5