← voltar
CVE-2023-35863

CVE-2023-35863

EPSS 0.2%
In MADEFORNET HTTP Debugger through 9.12, the Windows service does not set the seclevel registry key before launching the driver. Thus, it is possible for an unprivileged application to obtain a handle to the NetFilterSDK wrapper before the service obtains exclusive access.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://ctrl-c.club/~blue/nfsdk.htmlhttps://www.madefornet.com/products.htmlhttps://www.michaelrowley.dev/research/posts/nfsdk/nfsdk.html