vendor:
Proxifier
by:
m4rkw
7.8
CVSS
HIGH
Command Injection
78
CWE
Product Name: Proxifier
Affected Version From: <= 2.18
Affected Version To: 2.19
Patch Exists: YES
Related CWE: CVE-2017-7643
CPE: a:proxifier:proxifier
Platforms Tested: Mac
2017
Command Injection in Proxifier
This exploit demonstrates a command injection vulnerability in the KLoader binary that ships with Proxifier <= 2.18. The vulnerability allows an attacker to execute arbitrary commands as root.
Mitigation:
Users should upgrade to version 2.19.2.