← volver
CVE-2023-35863

CVE-2023-35863

EPSS 0.2%
In MADEFORNET HTTP Debugger through 9.12, the Windows service does not set the seclevel registry key before launching the driver. Thus, it is possible for an unprivileged application to obtain a handle to the NetFilterSDK wrapper before the service obtains exclusive access.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://ctrl-c.club/~blue/nfsdk.htmlhttps://www.madefornet.com/products.htmlhttps://www.michaelrowley.dev/research/posts/nfsdk/nfsdk.html