cve/CVE-2023-49314.md at dd6a10065df501f0a524d47b55e162f16811ba93

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

Asana Desktop 2.1.0 on macOS allows code injection because of specific Electron Fuses. There is inadequate protection against code injection through settings such as RunAsNode and EnableNodeCliInspectArguments, and thus r3ggi/electroniz3r can be used to perform an attack.

POC

Reference

https://asana.com/pt/download

Github

https://github.com/V3x0r/CVE-2023-50643
https://github.com/fkie-cad/nvd-json-data-feeds
https://github.com/giovannipajeu1/CVE-2023-50643
https://github.com/louiselalanne/CVE-2023-49314
https://github.com/louiselalanne/louiselalanne
https://github.com/nomi-sec/PoC-in-GitHub

975 B Raw Blame History

CVE-2023-49314

Description

POC

Reference

Github

975 B

Raw Blame History