2 matches found
CVE-2017-15358
Charles Proxy prior to version 4.2.1 is affected by a local privilege escalation due to a race condition in the Settings suid binary that manages system proxy configuration. The vulnerability is triggered via the --self-repair flow, which can regrant root/suid privileges without proper password p...
CVE-2018-19244
The CVE-2018-19244 entry details an XML External Entity (XXE) vulnerability in Charles 4.2.7 within the import/export setup option. According to the provided sources, if a user imports a malicious or attacker-supplied Charles Settings.xml, an intranet network may be accessed and information may b...