I will analyze this attack surface and discuss a few interesting public bugs.
Local attacks into remote ones and are an alternative way toĪ Novel Way to Bypass Executable Signature Checks with Electron Listing All Registered Protocol HandlersĬustom protocol handlers are an obscure attack surface.Slack command-line Injection via browser-subprocess-command.Skype Command Injection via browser-subprocess-command.Startup Path Limitations And Possible Workarounds.Google Web Designer Command Injection via The Log File.Electron and CEF command-line Injections by rgod.CVE-2020-13699 - Unquoted URI handler in TeamViewer by Command-Line Switch Injection.CVE-2019-6453 - RCE on mIRC Using Argument Injection Through Custom URI Protocol Handlers by The.Origin Remote Code Execution by Linux Mint 18.3-19.1 'yelp' Command Injection by Browsers Escaping Characters.Possible RCE through Windows Custom Protocol on Windows Client by Find Bugs Like This with dnSpy.Privilege Escalation via Protocol Handlers.
0 kommentar(er)
