Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Mihomo Party Socket sysproxy.ts enableSysProxy temp file
Vulnerability Description
A vulnerability was detected in Mihomo Party up to 1.8.1 on macOS. Affected is the function enableSysProxy of the file src/main/sys/sysproxy.ts of the component Socket Handler. The manipulation results in creation of temporary file with insecure permissions. The attack requires a local approach. This attack is characterized by high complexity. The exploitability is told to be difficult. The exploit is now public and may be used.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
创建拥有不安全权限的临时文件
Vulnerability Title
Mihomo Party 安全漏洞
Vulnerability Description
Mihomo Party是中国Mihomo Party公司的一个网络代理工具。 Mihomo Party 1.8.1及之前版本存在安全漏洞,该漏洞源于临时文件权限设置不当,可能导致本地攻击。
CVSS Information
N/A
Vulnerability Type
N/A