Remote Mouse GUI 3.008 Local Privilege Escalation

2021.06.21
Credit: Salman Asad
Risk: Medium
Local: Yes
Remote: Yes
CVE: N/A
CWE: CWE-264

# Exploit Title: Remote Mouse GUI 3.008 - Local Privilege Escalation # Exploit Author: Salman Asad (@deathflash1411) # Date: 17.06.2021 # Version: Remote Mouse 3.008 # Tested on: Windows 10 Pro Version 21H1 # Note: Local/RDP access is required to exploit this vulnerability This method is also known as Citrix Method (Insecure GUI App) After installation remote mouse runs as administrator and autostarts by default PoC: Open remote mouse from the system tray Go to Settings Click "Change..." in the "Image Transfer Folder" area Save As prompt will appear Enter "C:\Windows\System32\cmd.exe" Command Prompt is spawned with administrator privileges


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2021, cxsecurity.com

 

Back to Top