Filtered by vendor Grahampugh Subscriptions
Filtered by product Erase-install Subscriptions

Search

Switch to Advanced Search (Beta)
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-70342 1 Grahampugh 1 Erase-install 2026-03-05 6.6 Medium
erase-install prior to v40.4 commit 2c31239 writes swiftDialog credential output to a hardcoded path /var/tmp/dialog.json. This allows an unauthenticated attacker to intercept admin credentials entered during reinstall/erase operations via creating a named pipe.