Posts

From User to Root: Exploiting a Privilege Escalation Bug in Azure Storage Utility

A critical privilege escalation vulnerability has been discovered in AZNFS-mount, a utility preinstalled on Azure HPC/AI Linux images. The flaw, which affects all versions up to 2.0.10, allows unprivileged users to escalate privileges to root, posing a serious threat to environments that rely on NFS access to Azure Blob storage.

What Is AZNFS-Mount and Why It Matters

AZNFS-mount enables mounting of Azure Storage Account NFS endpoints, simplifying data access even when IP addresses change. Installed via aznfs_install.sh, the tool includes binaries that require superuser permissions to manage mount points and DNAT rules. This utility is widely used in high-performance computing (HPC) and AI workloads in Azure.

The Vulnerability: SUID Misuse and Environment Variable Exploitation

At the core of the issue is the mount.aznfs binary, installed with the SUID bit (file mode 4755), allowing any user to execute it with root privileges. It leverages the execv function to run a ...

CVE-2025-2011: Unauthenticated SQL Injection Vulnerability in Slider & Popup Builder by Depicter

Published: May 6, 2025
Discovered by: Wordfence
CVE ID: CVE-2025-2011
Affected Plugin: Slider & Popup Builder by Depicter (WordPress)
Affected Versions: Up to and including 3.6.1
Severity: High (CVSS 3.1 Score: 7.5)
Exploitability: Unauthenticated, Remote

Overview

A critical SQL Injection vulnerability has been identified in the Slider & Popup Builder by Depicter plugin for WordPress. This flaw allows unauthenticated attackers to inject arbitrary SQL queries via the s parameter, potentially leading to unauthorized access to sensitive database information.

Technical Details

Vulnerability Type: Generic SQL Injection
CWE ID: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality Impact: High
Integrity Impact: None
Availability Impact: None

The vulnerability arises due to in...