漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Cloudlfare WARP Arbitrary File Overwrite
Vulnerability Description
Cloudflare WARP client for Windows (up to v. 2022.5.309.0) allowed creation of mount points from its ProgramData folder. During installation of the WARP client, it was possible to escalate privileges and overwrite SYSTEM protected files.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:H/A:H
Vulnerability Type
输入验证不恰当
Vulnerability Title
Cloudflare WARP 后置链接漏洞
Vulnerability Description
Cloudflare WARP(Cloudflare Vpn)是美国Cloudflare公司的一个用于安全连接的客户端应用软件。 Cloudflare WARP client for Windows 2022.5.309.0之前版本存在后置链接漏洞,该漏洞源于允许从其 ProgramData 文件夹创建挂载点,在安装 WARP 客户端期间,可以提升权限并覆盖受 SYSTEM 保护的文件。
CVSS Information
N/A
Vulnerability Type
N/A