Upstream information

CVE-2018-10057 at MITRE

Description

The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 allows an authenticated remote attacker to write the miner configuration file to arbitrary locations on the server due to missing basedir restrictions (absolute directory traversal).

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having not set severity.

SUSE Bugzilla entry: 1095718

No SUSE Security Announcements cross referenced.