Proxifier for Mac 2.19 - Local Privilege Escalation

With CVE-2017-7643 I disclosed a command injection vulnerablity in the KLoader binary that ships with Proxifier = 2.18. Unfortunately 2.19 is also vulnerable to a slightly different attack that yields the same result. When Proxifier is first run, if the KLoader binary is not suid root it gets...

Proxifier for Mac 2.19 - Local Privilege Escalation

Proxifier for Mac 2.19 - Local Privilege Escalation With CVE-2017-7643 I disclosed a command injection vulnerablity in the KLoader binary that ships with Proxifier = 2.18. Unfortunately 2.19 is also vulnerable to a slightly different attack that yields the same result. When Proxifier is first run...

CVE-2017-7690

Proxifier for Mac before 2.19.2, when first run, allows local users to gain privileges by replacing the KLoader binary with a Trojan horse program...

Proxifier for Mac 2.17 / 2.18 - Privelege Escalation Exploit

Exploit for macOS platform in category local exploits Source: https://m4.rkw.io/blog/cve20177643-local-root-privesc-in-proxifier-for-mac--218.html Proxifier 2.18 also 2.17 and possibly some earlier version ships with a KLoader binary which it installs suid root the first time Proxifier is run. Th...