## https://sploitus.com/exploit?id=F3244223-7B6C-5011-943D-88AAAF589962
The ndsudo vulnerability allows an attacker to gain root permissions by exploiting an untrusted search path in the ndsudo tool, which is part of the Netdata Agent. This can enable the execution of arbitrary programs with elevated privileges if the attacker places a malicious binary in a writable directory and modifies the PATH environment variable accordingly.
The ndsudo vulnerability, identified as CVE-2024-32019, affects versions of the ndsudo tool included with the Netdata Agent, specifically versions v1.45.0 and below. This vulnerability allows attackers to escalate privileges on systems where the tool is installed.
How the Vulnerability Works:
Mechanism of Exploitation:-
Untrusted Search Path: The ndsudo tool uses the PATH environment variable to locate external commands.
An attacker can manipulate this variable to point to a directory they control.
Execution of Malicious Binaries: By placing a malicious executable with the same name as a command that ndsudo is
allowed to run (e.g., nvme) in a writable directory, the attacker can execute arbitrary code with root permissions.
Attack Complexity:-
Low Complexity: The attack does not require advanced skills, an easily crafted bash script can be used for priviesc making it accessible to many potential attackers.
Impact of the Vulnerability:-
Privilege Escalation: Successful exploitation allows an attacker to gain root access, which can lead to full
control over the affected system.
Potential Risks: This can result in unauthorized data access, system manipulation, and further exploitation of
network resources.
PRIVILEGE ESCALATION
I have created two bash scripts for easily gaining access to the root.