Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Privilege escalation through unquoted service binary path on Cloudflare WARP for Windows
Vulnerability Description
Cloudflare WARP for Windows allows privilege escalation due to an unquoted service path. A malicious user or process running with non-administrative privileges can become an administrator by abusing the unquoted service path issue. Since version 1.2.2695.1, the vulnerability was fixed by adding quotes around the service's binary path. This issue affects Cloudflare WARP for Windows, versions prior to 1.2.2695.1.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
未经引用的搜索路径或元素
Vulnerability Title
Cloudflare WARP for Windows 代码问题漏洞
Vulnerability Description
Cloudflare Warp(Cloudflare Vpn)是美国Cloudflare公司的一个用于安全连接的客户端应用软件。 Cloudflare WARP for Windows 存在安全漏洞,该漏洞源于未引用的服务路径。攻击者可以通过滥用未引用的服务路径问题成为管理员。
CVSS Information
N/A
Vulnerability Type
N/A