CVE-2021-35448 PoC — Remote Mouse 处理逻辑错误漏洞

Source

https://github.com/deathflash1411/cve-2021-35448

Associated Vulnerability

Title:Remote Mouse 处理逻辑错误漏洞 (CVE-2021-35448)
Description:Remote Mouse是一个应用程序。一款远程鼠标。 Emote Interactive Remote Mouse 中存在处理逻辑错误漏洞，该漏洞源于应用在用户使用图像传输文件夹功能时导航到cmd.exe文件时没有对某些安全操作进行验证，攻击者可通过该漏洞以管理员身份执行任意程序。以下产品及型号会受到影响：Remote Mouse 3.008。

Description

Local Privilege Escalation in Remote Mouse 3.008

Readme

# CVE-2021-35448

**Description:** Local Privilege Escalation in Remote Mouse 3.008

**Vulnerable App:** [Download](https://www.exploit-db.com/apps/4e06b0e24ad2dbf6fde0da11b77dd98d-RemoteMouse.exe)

**Exploit-DB:** [https://www.exploit-db.com/exploits/50047](https://www.exploit-db.com/exploits/50047)

**Proof Of Concept:**

- Open Remote Mouse from taskbar
- Go to Settings -> Image Transfer Folder
- Click "Change...", a Save As dialog box will appear
- Enter `C:\Windows\System32\cmd.exe` 
- Command Prompt will be opened with admin privileges

**Screenshots:**

![](https://i.imgur.com/vHacNUg.png)

![](https://i.imgur.com/i5csLKg.png)

![](https://i.imgur.com/9uh9atb.png)

![](https://i.imgur.com/eEb9y8u.png)

![](https://i.imgur.com/DfxaLEU.png)

File Snapshot


 [4.0K]  /data/pocs/f3d350067e57c74724ca25486fe0266e9bcda7a4
└── [ 755]  README.md

0 directories, 1 file

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!