CVE-2018-17980

Опубликовано: 15 окт. 2018

Источник: nvd

CVSS3: 7.8

CVSS2: 6.8

EPSS Низкий

Описание

NoMachine before 5.3.27 and 6.x before 6.3.6 allows attackers to gain privileges via a Trojan horse wintab32.dll file located in the same directory as a .nxs file, as demonstrated by a scenario where the .nxs file and the DLL are in the current working directory, and the Trojan horse code is executed. (The directory could, in general, be on a local filesystem or a network share.).

Ссылки

http://hyp3rlinx.altervista.org/advisories/NOMACHINE-TROJAN-FILE-REMOTE-CODE-EXECUTION.txt
Exploit
Third Party Advisory
http://packetstormsecurity.com/files/149784/NoMachine-5.3.26-Remote-Code-Execution.html
Exploit
Third Party Advisory
VDB Entry
https://www.exploit-db.com/exploits/45611/
Exploit
Third Party Advisory
VDB Entry
https://www.nomachine.com/TR10P08887
Vendor Advisory
http://hyp3rlinx.altervista.org/advisories/NOMACHINE-TROJAN-FILE-REMOTE-CODE-EXECUTION.txt
Exploit
Third Party Advisory
http://packetstormsecurity.com/files/149784/NoMachine-5.3.26-Remote-Code-Execution.html
Exploit
Third Party Advisory
VDB Entry
https://www.exploit-db.com/exploits/45611/
Exploit
Third Party Advisory
VDB Entry
https://www.nomachine.com/TR10P08887
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:nomachine:nomachine:*:*:*:*:*:*:*:*

Версия до 5.3.27 (исключая)

cpe:2.3:a:nomachine:nomachine:*:*:*:*:*:*:*:*

Версия от 6.0.0 (включая) до 6.3.6 (исключая)

EPSS

Процентиль: 88%

0.03667

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-426

Связанные уязвимости

GHSA-pvq8-5g9r-pf72