Описание
A misconfiguration in the Service Mode profile directory of Clash for Windows v0.19.9 allows attackers to escalate privileges and execute arbitrary commands when Service Mode is activated.
Ссылки
- ExploitIssue TrackingThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:clash_project:clash:0.19.9:*:*:*:*:windows:*:*
EPSS
Процентиль: 30%
0.00108
Низкий
7.8 High
CVSS3
Дефекты
CWE-552
CWE-552
Связанные уязвимости
CVSS3: 7.8
github
больше 3 лет назад
A misconfiguration in the Service Mode profile directory of Clash for Windows v0.19.9 allows attackers to escalate privileges and execute arbitrary commands when Service Mode is activated.
EPSS
Процентиль: 30%
0.00108
Низкий
7.8 High
CVSS3
Дефекты
CWE-552
CWE-552