mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-07 11:06:19 +00:00
1.0 KiB
1.0 KiB
CVE-2020-27384
Description
The Gw2-64.exe in Guild Wars 2 launcher version 106916 suffers from an elevation of privileges vulnerability which can be used by an "Authenticated User" to modify the existing executable file with a binary of his choice. The vulnerability exist due to the improper permissions, with the 'F' flag (Full Control) for 'Everyone' group, making the entire directory 'Guild Wars 2' and its files and sub-dirs world-writable.
POC
Reference
- https://github.com/FreySolarEye/CVE/blob/master/Guild%20Wars%202%20-%20Local%20Privilege%20Escalation
- https://github.com/FreySolarEye/CVE/blob/master/Guild%20Wars%202%20-%20Local%20Privilege%20Escalation
Github
No PoCs found on GitHub currently.