GlassWire 2.1.167 vulnerability - MSVR 56639
Medium
Vulnerability Details
Arbitrary code execution vulnerability within the firewall software, GlassWire version 2.1.167
## Impact
After the program is installed, on first execution, it will attempt to load Wtsapi32.dll.dll from the user's PATH (without doing any checks to see if the file is signed). Attached is a demo leveraging this vulnerability to spawn notepad.exe as well as screenshots showing the software searching the user’s PATH.
Actions
View on HackerOneReport Stats
- Report ID: 1193641
- State: Closed
- Substate: resolved
- Upvotes: 3