How severe is CVE-2023-30630?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.1 out of 10.

What type of vulnerability is CVE-2023-30630?

This is classified as CWE-23, which is a common weakness in software security.

CVE-2023-30630 - HIGH Severity | CVSS 7.1

Vulnerability Description

Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. NOTE: Some third parties have indicated the fix in 3.5 does not adequately address the vulnerability. The argument is that the proposed patch prevents dmidecode from writing to an existing file. However, there are multiple attack vectors that would not require overwriting an existing file that would provide the same level of unauthorized privilege escalation (e.g. creating a new file in /etc/cron.hourly).

Related Vulnerabilities

CVE-2020-12010

HIGH

CVSS:7.1(High)

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow an authenticated user to use a specially crafted file to delete ...

CWE-232020

CVE-2022-33937

HIGH

CVSS:7.1(High)

Dell GeoDrive, Versions 1.0 - 2.2, contain a Path Traversal Vulnerability in the reporting function. A local, low privileged attacker could potentially exploit this vulnerability, to gain unauthorized...

CWE-232022

CVE-2023-27993

HIGH

CVSS:7.1(High)

A relative path traversal [CWE-23] in Fortinet FortiADC version 7.2.0 and before 7.1.1 allows a privileged attacker to delete arbitrary directories from the underlying file system via crafted CLI comm...

CWE-232023

CVE-2023-47613

HIGH

CVSS:7.1(High)

A CWE-23: Relative Path Traversal vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow a l...

CWE-232023

CVE-2024-43454

HIGH

CVSS:7.1(High)

Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability

CWE-232024

CVE-2025-23360

HIGH

CVSS:7.1(High)

NVIDIA Nemo Framework contains a vulnerability where a user could cause a relative path traversal issue by arbitrary file write. A successful exploit of this vulnerability may lead to code execution a...

CWE-232025