CVE-2020-24356

Cloudflared on Windows prior to 2020.8.1 is affected by a local privilege escalation. The vulnerability arises from how cloudflared searches for and reads configuration files; a misconfiguration in a malformed config.yaml can cause the program to write logs or execute commands via a user-controll...

CVE-2023-1314

Cloudflared’s Windows 32-bit installer (≤ 2023.3.0) is affected by a Local Privilege Escalation. The MSI installer relied on a world-writable directory, enabling a local non-admin user to exploit symbolic links and trick the installer’s repair function into deleting or overwriting files, potentia...