Vulners
Lucene search
Electron WebPreferences - Remote Code Execution
| Reporter | Title | Published | Views | Family All 16 |
|---|---|---|---|---|
 | Electron WebPreferences - Remote Code Execution Exploit | 28 Aug 201800:00 | – | zdt |
 | CVE-2018-15685 | 25 Aug 201801:04 | – | circl |
 | Electron WebPreferences Remote Command Execution Vulnerability | 23 Aug 201800:00 | – | cnvd |
 | CVE-2018-15685 | 23 Aug 201805:00 | – | cve |
 | CVE-2018-15685 | 23 Aug 201805:00 | – | cvelist |
 | Electron WebPreferences - Remote Code Execution | 27 Aug 201800:00 | – | exploitpack |
 | Electron webPreferences vulnerability can be used to perform remote code execution | 23 Aug 201819:12 | – | github |
 | Remote Code Execution | 7 Nov 201822:07 | – | nodejs |
 | CVE-2018-15685 | 23 Aug 201805:29 | – | nvd |
 | GHSA-HV9C-QWQG-QJ3V Electron webPreferences vulnerability can be used to perform remote code execution | 23 Aug 201819:12 | – | osv |
10
CVE-2018-15685 - Electron WebPreferences Remote Code Execution
This is a minimal Electron application with a POC for CVE-2018-15685.
A remote code execution vulnerability has been discovered affecting apps with the ability to open nested child windows on Electron versions (3.0.0-beta.6, 2.0.7, 1.8.7, and 1.7.15). This vulnerability has been assigned the CVE identifier CVE-2018-15685.
For more information see my full write up on the Contrast Security blog (https://www.contrastsecurity.com/security-influencers/cve-2018-15685) or the write up on the offical blog from Electron (https://electronjs.org/blog/web-preferences-fix)
The project contains the fillowing files:
main.js - This is the app's main process. Note this has nodeIntegration disabled so it should not be possibe use "process"
index.html - This is an example rendered page. This could be remotely controlled URL, or a page from an application with an XSS. In this example even though it is a local file but should not have access to node bindings.
You can learn more about each of these components within the Quick Start Guide.
To Use
To clone and run this repository you'll need Git and Node.js (which comes with npm) installed on your computer. From your command line:
# Clone this repository
git clone https://github.com/matt-/CVE-2018-15685
# Go into the repository
cd CVE-2018-15685
# Install dependencies
npm install
# Run the app
npm start
Proof of Concept:
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/45272.zipData
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
27 Aug 2018 00:00Current
7High risk
Vulners AI Score7
CVSS 26.8
CVSS 38.1
EPSS0.12681