Lucene search
K

5 matches found

Exploit DB
Exploit DB
added 2020/02/07 12:0 a.m.177 views

Windscribe - WindscribeService Named Pipe Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windscribe WindscribeService Named Pipe Privilege Escalation', 'Description' = %q The Windscribe VPN client application for Windows makes use of ...

7.8CVSS7.4AI score0.09905EPSS
Exploits4
Circl
Circl
added 2020/02/05 6:50 p.m.32 views

CVE-2018-11479

creationtimestamp| type| source ---|---|--- 2020-02-05 18:50:53+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/windscribewindscribeserviceprivesc.rb 2020-02-07 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/48021 2023-12-22...

7.8CVSS7.5AI score0.09905EPSS
Exploits4References3
Packet Storm
Packet Storm
added 2020/02/05 12:0 a.m.108 views

Windscribe WindscribeService Named Pipe Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windscribe WindscribeService Named Pipe Privilege Escalation', 'Description' = %q The Windscribe VPN client application for Windows makes use of ...

7.2CVSS0.1AI score0.09905EPSS
Exploits4
Metasploit
Metasploit
added 2020/02/01 12:41 a.m.41 views

Windscribe WindscribeService Named Pipe Privilege Escalation

The Windscribe VPN client application for Windows makes use of a Windows service WindscribeService.exe which exposes a named pipe \.\pipe\WindscribeService allowing execution of programs with elevated privileges. Windscribe versions prior to 1.82 do not validate user-supplied program names,...

7.8CVSS7.4AI score0.09905EPSS
Exploits4
CVE
CVE
added 2018/05/25 7:0 p.m.94 views

CVE-2018-11479

CVE-2018-11479 affects Windscribe for Windows. WindscribeService.exe creates the .\us WindscribeService named pipe and does not validate the program name before CreateProcess, enabling an attacker to execute arbitrary commands with SYSTEM privileges via the pipe. Public details in connected docs...

7.8CVSS7.6AI score0.09905EPSS
Exploits4References2Affected Software1
Rows per page
Query Builder