admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 10:41:43 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2023/CVE-2023-49114.md

21 lines
949 B
Markdown
Raw Normal View History

Update Sat May 25 21:48:12 CEST 2024
2024-05-25 21:48:12 +02:00
### [CVE-2023-49114](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49114)
![](https://img.shields.io/static/v1?label=Product&message=VMS%20Client%20Viewer&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3E%3D7.1%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-427%20Uncontrolled%20Search%20Path%20Element&color=brighgreen)
### Description
A DLL hijacking vulnerability was identified in the Qognify VMS Client Viewer version 7.1 or higher, which allows local users to execute arbitrary code and obtain higher privileges via careful placement of a malicious DLL, if some specific pre-conditions are met.
### POC
#### Reference
- http://seclists.org/fulldisclosure/2024/Mar/10
Update CVE sources 2024-06-09 00:33
2024-06-09 00:33:16 +00:00
- http://seclists.org/fulldisclosure/2024/Mar/10
Update Sat May 25 21:48:12 CEST 2024
2024-05-25 21:48:12 +02:00
- https://r.sec-consult.com/qognify
Update CVE sources 2024-06-09 00:33
2024-06-09 00:33:16 +00:00
- https://r.sec-consult.com/qognify
Update Sat May 25 21:48:12 CEST 2024
2024-05-25 21:48:12 +02:00
#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds
Reference in New Issue Copy Permalink