CVE-2020-9442 PoC — OpenVPN Connect 安全漏洞

Source

https://github.com/hessandrew/CVE-2020-9442

Associated Vulnerability

Title:OpenVPN Connect 安全漏洞 (CVE-2020-9442)
Description:OpenVPN Connect是美国OpenVPN公司的一款VPN（虚拟私人网络）客户端应用程序。 OpenVPN Connect 3.1.0.361版本（Windows）中存在安全漏洞，该漏洞源于程序为%PROGRAMDATA%OpenVPN Connectdrivers apamd64win10分配了不安全的权限。本地攻击者可借助恶意的drvstore.dll库利用该漏洞获取权限。

Description

OpenVPN Connect for Windows (MSI) - 3.1.0.361 - Privilege Escalation

File Snapshot


 [4.0K]  /data/pocs/7cc373e0d14acd7c9f91b240ff848b05f4ecd73d
└── [1.9K]  readme.md

0 directories, 1 file

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!