3 matches found
CVE-2022-41924
Summary (CVE-2022-41924, Windows) : The Tailscale Windows client exposes a vulnerable local API bound to a local TCP socket and communicates with the GUI in cleartext with no Host header verification. This enables a malicious website visited by the node to reconfigure the tailscaled daemon, redir...
CVE-2022-41924 Tailscale Windows daemon is vulnerable to RCE via CSRF
A vulnerability identified in the Tailscale Windows client allows a malicious website to reconfigure the Tailscale daemon tailscaled, which can then be used to remotely execute code. In the Tailscale Windows client, the local API was bound to a local TCP socket, and communicated with the Windows...
CVE-2022-41924
creationtimestamp| type| source ---|---|--- 2022-11-22 13:58:49+00:00| seen| https://t.me/proxybar/1185 2022-11-28 21:02:04+00:00| published-proof-of-concept| https://t.me/thebugbountyhunter/6745 2022-12-05 21:06:14+00:00| published-proof-of-concept|...