CVE-2022-40126
7.8HIGHA misconfiguration in the Service Mode profile directory of Clash for Windows v0.19.9 allows attackers to escalate privileges and execute arbitrary commands when Service Mode is activated.
Veröffentlicht: 9/29/2022Aktualisiert: 5/21/2025
Beschreibung
A misconfiguration in the Service Mode profile directory of Clash for Windows v0.19.9 allows attackers to escalate privileges and execute arbitrary commands when Service Mode is activated.
KI-AnalyseKI-gestützt
Betroffene Produkte
clash_projectclash
0.19.9
Referenzen
- https://github.com/Fndroid/clash_for_windows_pkg/issues/3405ExploitIssue TrackingThird Party Advisory
- https://github.com/Fndroid/clash_for_windows_pkg/issues/3405ExploitIssue TrackingThird Party Advisory