2 matches found
Design/Logic Flaw
Proxyee-Down is open source proxy software. An attacker being able to provide an extension script eg: through a MiTM attack or by hosting a malicious extension may be able to run arbitrary commands on the system running Proxyee-Down. For more details including a PoC see the referenced...
CVE-2021-32826
Proxyee-Down is an open source proxy tool vulnerable to remote code execution when an attacker provides an extension script (e.g., via MiTM or hosting a malicious extension). The issue allows arbitrary commands to run on the system running Proxyee-Down. A PoC is referenced (GHSL-2021-053). As of ...