Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:18 p.m.13 views

CVE-2026-45727

CloakBrowser is a tool to bypass bot detection tests. Prior to version 0.3.28, the cloakserve CDP multiplexer uses the user-supplied fingerprint query parameter directly as a filesystem path component when creating Chrome profile directories. An unauthenticated attacker who can reach the cloakser...

8.8CVSS5.5AI score0.00475EPSS
Exploits0References1
NVD
NVD
added 2026/06/01 7:16 p.m.12 views

CVE-2026-45727

CloakBrowser is a tool to bypass bot detection tests. Prior to version 0.3.28, the cloakserve CDP multiplexer uses the user-supplied fingerprint query parameter directly as a filesystem path component when creating Chrome profile directories. An unauthenticated attacker who can reach the cloakser...

8.8CVSS0.00475EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/01 5:23 p.m.9 views

CVE-2026-45727

CloakBrowser is a tool to bypass bot detection tests. Prior to version 0.3.28, the cloakserve CDP multiplexer uses the user-supplied fingerprint query parameter directly as a filesystem path component when creating Chrome profile directories. An unauthenticated attacker who can reach the cloakser...

8.8CVSS5.9AI score0.00475EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/01 5:23 p.m.36 views

CVE-2026-45727

CloakBrowser’s cloakserve component is vulnerable to an unauthenticated path-traversal via the fingerprint parameter. Prior to v0.3.28, the fingerprint value is used as a filesystem path component when creating Chrome profile directories, allowing an attacker who can reach the cloakserve port to ...

8.8CVSS5.9AI score0.00475EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/01 5:23 p.m.18 views

EUVD-2026-33724

CloakBrowser is a tool to bypass bot detection tests. Prior to version 0.3.28, the cloakserve CDP multiplexer uses the user-supplied fingerprint query parameter directly as a filesystem path component when creating Chrome profile directories. An unauthenticated attacker who can reach the cloakser...

8.8CVSS5.9AI score0.00475EPSS
Exploits0References1
OSV
OSV
added 2026/06/01 5:23 p.m.4 views

CVE-2026-45727 CloakBrowser: Unauthenticated path traversal via fingerprint parameter in cloakserve leads to arbitrary directory deletion

CloakBrowser is a tool to bypass bot detection tests. Prior to version 0.3.28, the cloakserve CDP multiplexer uses the user-supplied fingerprint query parameter directly as a filesystem path component when creating Chrome profile directories. An unauthenticated attacker who can reach the cloakser...

8.8CVSS6AI score0.00475EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.12 views

CloakBrowser 路径遍历漏洞

CloakBrowser is an open-source browser tool developed by CloakHQ that bypasses robot detection. Versions of CloakBrowser prior to 0.3.28 contained a path traversal vulnerability. This vulnerability stemmed from the cloakserve CDP multiplexer directly using the user-provided fingerprint query...

8.8CVSS5.5AI score0.00475EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/18 5:50 p.m.7 views

Directory Traversal

Overview cloakbrowser is a Stealth Chromium that passes every bot detection test. Drop-in Playwright replacement with source-level fingerprint patches. Affected versions of this package are vulnerable to Directory Traversal via the fingerprint parameter in the cloakserve process. An attacker can...

8.8CVSS6.5AI score0.00475EPSS
Exploits0References2
Rows per page
Query Builder