Primary

Context

OpenMediaVault Privilege Escalation Vulnerability in User Management

Vulnerability

Patched

A privilege escalation vulnerability has been identified in OpenMediaVault version 7.4.17. The issue arises in the changePassword method within the user.inc file, allowing local authenticated attackers to gain root privileges.

Impact

Exploitation of this vulnerability allows local authenticated users to escalate privileges to root.

Added: Aug 22, 2025, 4:26 PM

Updated: Aug 22, 2025, 6:55 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

7.5

exploitability

3.5

remediation

7.7

relevance

0.4

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

7.5

exploitability

3.5

remediation

7.7

relevance

0.4

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

OpenMediaVault Privilege Escalation Vulnerability in User Management

Vulnerability

Impact

Affected Products

OpenMediaVault

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating