2
[local] Microsoft Edge (Chromium-based) Webview2 1.0.1661.34 - Spoofing
source link: https://www.exploit-db.com/exploits/51359
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Microsoft Edge (Chromium-based) Webview2 1.0.1661.34 - Spoofing
Exploit:
/
## Title: Microsoft-Edge-(Chromium-based)-Webview2-1.0.1661.34-Spoofing-Vulnerability
## Author: nu11secur1ty
## Date: 04.10.2023
## Vendor: https://developer.microsoft.com/en-us/
## Software: https://developer.microsoft.com/en-us/microsoft-edge/webview2/
## Reference: https://www.rapid7.com/fundamentals/spoofing-attacks/
## CVE ID: CVE-2023-24892
## Description:
The Webview2 development platform is vulnerable to Spoofing attacks.
The attacker can build a very malicious web app and spread it to the
victim's networks.
and when they open it this can be the last web app opening for them.
STATUS: HIGH Vulnerability
[+]Exploit:
[href](https://github.com/nu11secur1ty/Windows11Exploits/tree/main/2023/CVE-2023-24892/PoC)
## Reproduce:
[href](https://github.com/nu11secur1ty/Windows11Exploits/tree/main/2023/CVE-2023-24892)
## Proof and Exploit:
[href](https://streamable.com/uk7l2n)
## Time spend:
03:00:00
--
System Administrator - Infrastructure Engineer
Penetration Testing Engineer
Exploit developer at
https://packetstormsecurity.com/https://cve.mitre.org/index.html and
https://www.exploit-db.com/
home page: https://www.nu11secur1ty.com/
hiPEnIMR0v7QCo/+SEH9gBclAAYWGnPoBIQ75sCj60E=
nu11secur1ty <http://nu11secur1ty.com/>
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK