RSS   Vulnerabilities for 'WARP'   RSS

2022-06-23
 
CVE-2022-2147

CWE-428
 

 
Cloudflare Warp for Windows from version 2022.2.95.0 contained an unquoted service path which enables arbitrary code execution leading to privilege escalation. The fix was released in version 2022.3.186.0.

 
2021-02-03
 
CVE-2020-35152

CWE-428
 

 
Cloudflare WARP for Windows allows privilege escalation due to an unquoted service path. A malicious user or process running with non-administrative privileges can become an administrator by abusing the unquoted service path issue. Since version 1.2.2695.1, the vulnerability was fixed by adding quotes around the service's binary path. This issue affects Cloudflare WARP for Windows, versions prior to 1.2.2695.1.

 

 >>> Vendor: Cloudflare 3 Products
WARP
Octorpki
Quiche


Copyright 2024, cxsecurity.com

 

Back to Top