CVE-2023-24205
9.8CRITICALClash for Windows v0.20.12 was discovered to contain a remote code execution (RCE) vulnerability which is exploited via overwriting the configuration file (cfw-setting.yaml).
Опубликовано: 2/23/2023Обновлено: 3/12/2025
Описание
Clash for Windows v0.20.12 was discovered to contain a remote code execution (RCE) vulnerability which is exploited via overwriting the configuration file (cfw-setting.yaml).
ИИ-АнализНа базе ИИ
Затронутые продукты
clash_projectclash
0.20.12
Ссылки
- https://github.com/Fndroid/clash_for_windows_pkgProduct
- https://github.com/Fndroid/clash_for_windows_pkg/issues/3891ExploitIssue Tracking
- https://github.com/Fndroid/clash_for_windows_pkgProduct
- https://github.com/Fndroid/clash_for_windows_pkg/issues/3891ExploitIssue Tracking