Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:49 a.m.7 views

CVE-2020-24772

In Dreamacro Clash for Windows v0.11.4, an attacker could embed a malicious iframe in a website with a crafted URL that would launch the Clash Windows client and force it to open a remote SMB share. Windows will perform NTLM authentication when opening the SMB share and that request can be relaye...

8.8CVSS7.6AI score0.00634EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-17482

Malware in sbrugna...

8.8CVSS8.7AI score0.00634EPSS
Exploits1References2
OSV
OSV
added 2022/03/21 3:15 p.m.9 views

CVE-2020-24772

In Dreamacro Clash for Windows v0.11.4, an attacker could embed a malicious iframe in a website with a crafted URL that would launch the Clash Windows client and force it to open a remote SMB share. Windows will perform NTLM authentication when opening the SMB share and that request can be relaye...

8.8CVSS7.8AI score0.00634EPSS
Exploits1References1
Prion
Prion
added 2022/03/21 3:15 p.m.15 views

Open redirect

In Dreamacro Clash for Windows v0.11.4, an attacker could embed a malicious iframe in a website with a crafted URL that would launch the Clash Windows client and force it to open a remote SMB share. Windows will perform NTLM authentication when opening the SMB share and that request can be relaye...

6.8CVSS8.8AI score0.00634EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2022/03/21 2:48 p.m.66 views

CVE-2020-24772

Affected software: Dreamacro Clash for Windows v0.11.4. The vulnerability arises when an attacker embeds a malicious iframe in a website with a crafted URL that launches the Clash Windows client and forces it to open a remote SMB share. Windows will perform NTLM authentication when accessing the ...

8.8CVSS8.8AI score0.00634EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder