5 matches found
Arbitrary File Overwrite
github.com/schollz/croc is vulnerable to Arbitrary File Overwrite. The vulnerability is due to the Croc protocol allowing a sender to specify an arbitrary path for the file transfer, which lacks validation to check if the file path will overwrite an existing file on the client side. An attacker c...
Arbitrary File Write
github.com/schollz/croc is vulnerable to Arbitrary File Write through crafted File Paths. The vulnerability is due to the Croc protocol which allows senders to specify sn arbitrary path for a file transfer. If the recipient doesn't already have a file with the same name, an attacker can exploit...
CVE-2023-43618
An issue was discovered in Croc through 9.6.5. The protocol requires a sender to provide its local IP addresses in cleartext via an ips? message...
CVE-2023-43618
An issue was discovered in Croc through 9.6.5. The protocol requires a sender to provide its local IP addresses in cleartext via an ips? message...
CVE-2023-43618
An issue was discovered in Croc through 9.6.5. The protocol requires a sender to provide its local IP addresses in cleartext via an ips? message...