5 matches found
Windscribe - WindscribeService Named Pipe Privilege Escalation (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windscribe WindscribeService Named Pipe Privilege Escalation', 'Description' = %q The Windscribe VPN client application for Windows makes use of ...
CVE-2018-11479
creationtimestamp| type| source ---|---|--- 2020-02-05 18:50:53+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/windscribewindscribeserviceprivesc.rb 2020-02-07 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/48021 2023-12-22...
Windscribe WindscribeService Named Pipe Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windscribe WindscribeService Named Pipe Privilege Escalation', 'Description' = %q The Windscribe VPN client application for Windows makes use of ...
Windscribe WindscribeService Named Pipe Privilege Escalation
The Windscribe VPN client application for Windows makes use of a Windows service WindscribeService.exe which exposes a named pipe \.\pipe\WindscribeService allowing execution of programs with elevated privileges. Windscribe versions prior to 1.82 do not validate user-supplied program names,...
CVE-2018-11479
CVE-2018-11479 affects Windscribe for Windows. WindscribeService.exe creates the .\us WindscribeService named pipe and does not validate the program name before CreateProcess, enabling an attacker to execute arbitrary commands with SYSTEM privileges via the pipe. Public details in connected docs...