Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In Avast Premium Security 19.8.2393, attackers can send a specially crafted request to the local web server run by Avast Antivirus on port 27275 to support Bank Mode functionality. A flaw in the processing of a command allows execution of arbitrary OS commands with the privileges of the currently logged in user. This allows for example attackers who compromised a browser extension to escape from the browser sandbox.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Avast Premium Security 操作系统命令注入漏洞
Vulnerability Description
Avast Antivirus是捷克爱维士(Avast)公司的一套杀毒软件。 Avast Premium Security 19.8.2393版本中的命令处理存在安全漏洞。攻击者可通过向Avast Antivirus所运行本地Web服务器发送特制的请求利用该漏洞以当前用户权限执行任意操作系统命令。
CVSS Information
N/A
Vulnerability Type
N/A