mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-05 10:17:57 +00:00
1.5 KiB
1.5 KiB
CVE-2022-31262
Description
An exploitable local privilege escalation vulnerability exists in GOG Galaxy 2.0.46. Due to insufficient folder permissions, an attacker can hijack the %ProgramData%\GOG.com folder structure and change the GalaxyCommunication service executable to a malicious file, resulting in code execution as SYSTEM.
POC
Reference
- https://github.com/secure-77/CVE-2022-31262
- https://secure77.de/category/subjects/researches/
- https://secure77.de/gog-galaxy-cve-2022-31262/
- https://www.youtube.com/watch?v=Bgdbx5TJShI
Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Mr-xn/Penetration_Testing_POC
- https://github.com/NaInSec/CVE-PoC-in-GitHub
- https://github.com/SYRTI/POC_to_review
- https://github.com/WhooAmii/POC_to_review
- https://github.com/k0mi-tg/CVE-POC
- https://github.com/lions2012/Penetration_Testing_POC
- https://github.com/manas3c/CVE-POC
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/secure-77/CVE-2022-31262
- https://github.com/trhacknon/Pocingit
- https://github.com/whoforget/CVE-POC
- https://github.com/xuetusummer/Penetration_Testing_POC
- https://github.com/youwizard/CVE-POC
- https://github.com/zecool/cve