Re: [FD] Beginners error: Hewlett-Packard's driver software executes rogue binary C:\Program.exe

2014-05-21 Thread Jeff Sergeant
It's of very limited use, but it is a vulnerability. If an unprivileged user can write to the root of C: but NOT to any sensitive subdirectory, they can't do much harm. This allows them a route to escalate their privileges. Admittedly... for a user to be able to write to C: but not write to Windo

Re: [FD] When two-factor authentication is not enough

2014-04-10 Thread Jeff Sergeant
The fact they've clearly mapped out Gandi's processes to find the weak link (the apparent opt-out to the email change request, real or not) and added noise to exploit it makes it clear that someone put a lot of work into this. Pretty much a textbook example of the 'APT' we're always warned about. G

[FD] Unusual XSS in Kyocera FS5250 printer control panel.

2014-04-02 Thread Jeff Sergeant
Found the below on a printer a couple of years ago, sent it to Kyocera but never heard anything back... Changing the 'Ready' message on a printer is quite a well-known prank (and much fun was had with this yesterday!) but also an interesting avenue for injecting XSS, as the Kyocera printer manageme