module

Netdata ndsudo privilege escalation

Try Surface Command
Back to search
Disclosed
Apr 12, 2024
Created
Aug 20, 2025

Description

The `ndsudo` is a tool shipped with Netdata Agent. The version v1.45.0 and below contain vulnerability, which allows an attacker to gain privilege escalation using `ndsudo` binary. The vulnerability is untrusted search path, when searching for additional binary files, such as `nvme`. An attacker can create malicious binary with same name and add the directory of this binary into `$PATH` variable. The `ndsudo` will trust the first occurence of this binary and execute it.

Authors

msutovsky-r7
mia-0

Platform

Linux

Architectures

x86, x64

References

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':


    msf > use exploit/linux/local/ndsudo_cve_2024_32019
    msf exploit(ndsudo_cve_2024_32019) > show targets
        ...targets...
    msf exploit(ndsudo_cve_2024_32019) > set TARGET < target-id >
    msf exploit(ndsudo_cve_2024_32019) > show options
        ...show and set options...
    msf exploit(ndsudo_cve_2024_32019) > exploit
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today