2

[local] Microsoft Edge (Chromium-based) Webview2 1.0.1661.34 - Spoofing

 1 year ago
source link: https://www.exploit-db.com/exploits/51359
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
neoserver,ios ssh client

Microsoft Edge (Chromium-based) Webview2 1.0.1661.34 - Spoofing

EDB-ID:

51359

EDB Verified:

Exploit:

  /  

Platform:

Multiple

Date:

2023-04-10

Vulnerable App:

## Title: Microsoft-Edge-(Chromium-based)-Webview2-1.0.1661.34-Spoofing-Vulnerability
## Author: nu11secur1ty
## Date: 04.10.2023
## Vendor: https://developer.microsoft.com/en-us/
## Software: https://developer.microsoft.com/en-us/microsoft-edge/webview2/
## Reference: https://www.rapid7.com/fundamentals/spoofing-attacks/
## CVE ID: CVE-2023-24892

## Description:
The Webview2 development platform is vulnerable to Spoofing attacks.
The attacker can build a very malicious web app and spread it to the
victim's networks.
and when they open it this can be the last web app opening for them.

STATUS: HIGH Vulnerability

[+]Exploit:

[href](https://github.com/nu11secur1ty/Windows11Exploits/tree/main/2023/CVE-2023-24892/PoC)


## Reproduce:
[href](https://github.com/nu11secur1ty/Windows11Exploits/tree/main/2023/CVE-2023-24892)

## Proof and Exploit:
[href](https://streamable.com/uk7l2n)

## Time spend:
03:00:00


-- 
System Administrator - Infrastructure Engineer
Penetration Testing Engineer
Exploit developer at
https://packetstormsecurity.com/https://cve.mitre.org/index.html and
https://www.exploit-db.com/
home page: https://www.nu11secur1ty.com/
hiPEnIMR0v7QCo/+SEH9gBclAAYWGnPoBIQ75sCj60E=
                          nu11secur1ty <http://nu11secur1ty.com/>

report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK