37 matches found
TotalAV 5.15.69 - Unquoted Service Path
Exploit Title: TotalAV 5.15.69 - Unquoted Service Path Date: 22/09/2021 Exploit Author: Andrea Intilangelo Vendor Homepage: https://www.totalav.com Software Link: https://download.totalav.com/windows/beta-trial or https://install.protected.net/windows/cdn3/5.15.69/TotalAV.exe Version: 5.15.69...
TotalAV Elevation of Privilege Vulnerability
TotalAV is a suite of computer security protection software that supports multiple platforms. The software includes features such as virus protection, anti-phishing and anti-spyware. An elevation of privilege vulnerability exists in TotalAV version 2020 4.14.31, which can be exploited by an...
CVE-2019-18194
TotalAV 2020 4.14.31 has a quarantine flaw that allows privilege escalation. Exploitation uses an NTFS directory junction to restore a malicious DLL from quarantine into the system32 folder...
CVE-2019-18194
TotalAV 2020 4.14.31 has a quarantine flaw that allows privilege escalation. Exploitation uses an NTFS directory junction to restore a malicious DLL from quarantine into the system32 folder...
Design/Logic Flaw
TotalAV 2020 4.14.31 has a quarantine flaw that allows privilege escalation. Exploitation uses an NTFS directory junction to restore a malicious DLL from quarantine into the system32 folder...
CVE-2019-18194
TotalAV 2020 4.14.31 has a quarantine flaw that allows privilege escalation. Exploitation uses an NTFS directory junction to restore a malicious DLL from quarantine into the system32 folder...
CVE-2019-18194
TotalAV 2020 4.14.31 is affected by CVE-2019-18194, a privilege-escalation vulnerability where exploitation uses an NTFS directory junction to restore a malicious DLL from quarantine into the system32 folder. The vulnerability is supported by multiple sources (Red Hat advisory, CNVD, CVE records,...
TotalAV 2020 4.14.31 Privilege Escalation
Exploit Title: TotalAV 2020 4.14.31 - Privilege Escalation Date: 2020-01-09 Exploit Author: Kusol Watchara-Apanukorn Vendor Homepage: https://www.totalav.com/ Version: 4.14.31 Fixed on: 5.3.35 Tested on: Windows 10 x64 CVE : N/A Vulnerability Description: TotalAV 2020 4.14.31 has quarantine flaw...
TotalAV 2020 4.14.31 - Privilege Escalation Vulnerability
Exploit Title: TotalAV 2020 4.14.31 - Privilege Escalation Exploit Author: Kusol Watchara-Apanukorn Vendor Homepage: https://www.totalav.com/ Version: 4.14.31 Fixed on: 5.3.35 Tested on: Windows 10 x64 CVE : N/A Vulnerability Description: TotalAV 2020 4.14.31 has quarantine flaw that allows...
TotalAV 2020 4.14.31 - Privilege Escalation
TotalAV 2020 4.14.31 - Privilege Escalation Exploit Title: TotalAV 2020 4.14.31 - Privilege Escalation Date: 2020-01-09 Exploit Author: Kusol Watchara-Apanukorn Vendor Homepage: https://www.totalav.com/ Version: 4.14.31 Fixed on: 5.3.35 Tested on: Windows 10 x64 CVE : CVE-2019-18194 Vulnerability...
TotalAV 2020 4.14.31 - Privilege Escalation
Exploit Title: TotalAV 2020 4.14.31 - Privilege Escalation Date: 2020-01-09 Exploit Author: Kusol Watchara-Apanukorn Vendor Homepage: https://www.totalav.com/ Version: 4.14.31 Fixed on: 5.3.35 Tested on: Windows 10 x64 CVE : CVE-2019-18194 Vulnerability Description: TotalAV 2020 4.14.31 has...
CVE-2018-7535
An issue was discovered in TotalAV v4.1.7. An unprivileged user could modify or overwrite all of the product's files because of weak permissions Everyone:F under %PROGRAMFILES%, which allows local users to gain privileges or obtain maximum control over the product...
Design/Logic Flaw
An issue was discovered in TotalAV v4.1.7. An unprivileged user could modify or overwrite all of the product's files because of weak permissions Everyone:F under %PROGRAMFILES%, which allows local users to gain privileges or obtain maximum control over the product...
CVE-2018-7535
An issue was discovered in TotalAV v4.1.7. An unprivileged user could modify or overwrite all of the product's files because of weak permissions Everyone:F under %PROGRAMFILES%, which allows local users to gain privileges or obtain maximum control over the product...
CVE-2018-7535
CVE-2018-7535 concerns TotalAV v4.1.7 where weak permissions in the installation folder allow an unprivileged, local user to modify or overwrite any product files, enabling potential privilege escalation and full control over the product. Root cause: overly permissive access (Everyone:F) under %P...
Total AV 4.6.19 Insecure Permissions
===== Tempest Security Intelligence - ADV-23/2018 === Total AV 4.1.7 4 .6.19 - Insecure Permissions ------------------------------------------------------- Author: - Filipe Xavier Oliveira: ===== Table of Contents ===================================================== Overview Detailed description...
static.totalav.com XSS vulnerability
Open Bug Bounty ID: OBB-467055 Description| Value ---|--- Affected Website:| static.totalav.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Chea...