15 matches found
EUVD-2020-5902
Malware in sbrugna...
EUVD-2019-3749
Malware in sbrugna...
CVE-2020-13661
Telerik Fiddler through 5.0.20202.18177 allows attackers to execute arbitrary programs via a hostname with a trailing space character, followed by --utility-and-browser --utility-cmd-prefix= and the pathname of a locally installed program. The victim must interactively choose the Open On Browser...
Telerik Fiddler Code Injection Vulnerability
Telerik Fiddler is an HTTP protocol debugging proxy tool. A code injection vulnerability exists in Telerik Fiddler 5.0.20202.18177 and earlier versions, which allows an attacker to execute an arbitrary program via a hostname with a space character at the end, followed by the --utility-and-browser...
CVE-2020-13661
Telerik Fiddler through 5.0.20202.18177 allows attackers to execute arbitrary programs via a hostname with a trailing space character, followed by --utility-and-browser --utility-cmd-prefix= and the pathname of a locally installed program. The victim must interactively choose the Open On Browser...
CVE-2020-13661
Telerik Fiddler through 5.0.20202.18177 allows attackers to execute arbitrary programs via a hostname with a trailing space character, followed by --utility-and-browser --utility-cmd-prefix= and the pathname of a locally installed program. The victim must interactively choose the Open On Browser...
Open redirect
Telerik Fiddler through 5.0.20202.18177 allows attackers to execute arbitrary programs via a hostname with a trailing space character, followed by --utility-and-browser --utility-cmd-prefix= and the pathname of a locally installed program. The victim must interactively choose the Open On Browser...
CVE-2020-13661
Telerik Fiddler before 5.0.20204. fixes the vulnerability CVE-2020-13661 which allows code execution through a crafted hostname with a trailing space followed by --utility-and-browser --utility-cmd-prefix= and the path to a locally installed program. The attack requires the user to interactively ...
CVE-2020-13661
Telerik Fiddler through 5.0.20202.18177 allows attackers to execute arbitrary programs via a hostname with a trailing space character, followed by --utility-and-browser --utility-cmd-prefix= and the pathname of a locally installed program. The victim must interactively choose the Open On Browser...
Telerik Fiddler Elevation of Privilege Vulnerability
Telerik Fiddler is an HTTP protocol debugging proxy tool. A security vulnerability exists in Telerik Fiddler version 5.0.20182.28034, which stems from the program failing to validate the hash value of the EnableLoopback.exe file before running it. An attacker could exploit the vulnerability to...
CVE-2019-12097
Telerik Fiddler v5.0.20182.28034 doesn't verify the hash of EnableLoopback.exe before running it, which could lead to code execution or local privilege escalation by replacing the original EnableLoopback.exe...
CVE-2019-12097
Telerik Fiddler v5.0.20182.28034 doesn't verify the hash of EnableLoopback.exe before running it, which could lead to code execution or local privilege escalation by replacing the original EnableLoopback.exe...
Privilege escalation
Telerik Fiddler v5.0.20182.28034 doesn't verify the hash of EnableLoopback.exe before running it, which could lead to code execution or local privilege escalation by replacing the original EnableLoopback.exe...
CVE-2019-12097
Affected software: Telerik Fiddler v5.0.20182.28034. Vulnerability: EnableLoopback.exe is not verified against its hash before execution, allowing an attacker to replace the original EnableLoopback.exe and potentially achieve code execution or local privilege escalation. Impact as stated: code ex...
CVE-2019-12097
Telerik Fiddler v5.0.20182.28034 doesn't verify the hash of EnableLoopback.exe before running it, which could lead to code execution or local privilege escalation by replacing the original EnableLoopback.exe...