

Invoking the vuln was straightforward: Bräunlein navigated to KDE Discover's upload page for new creations, and pasted a JavaScript-based XSS payload into one of its fields, wrapped inside an iframe. “This stored XSS could be used to modify active listings, or post new listings on the Pling store in the context of other users, resulting in a wormable XSS,” he wrote. While KDE patched Discover in March following Bräunlein’s findings, Pling was less proactive.

RCE-hunting

Following on from that discovery, Bräunlein realized the PlingStore marketplace application was also vulnerable to the XSS – “and from there, can likely be escalated to RCE when combined with an Electron sandbox bypass.”

When run, the app creates a local WebSocket server that is insecure. An XSS payload delivered from a theme marketplace, or any webpage opened in a browser, can connect to this local server, and use it to tell the software to fetch and run arbitrary malicious code.

That means accessing a booby-trapped marketplace listing in the app, or surfing to a bad website with PlingStore running in the background, can lead to malware running on your Linux PC via the Pling application, according to Positive.

And as for the webpage-delivered RCE, “exploitation is triggered by visiting a malicious website in any browser, while PlingStore is running in the background.” “When the XSS is triggered inside the Electron app, the payload can establish a connection to the local WebSocket server and send messages to execute arbitrary native code,” wrote Bräunlein.

Bräunlein said he first tried tipping off the programmers in February, and again and again thereafter, and nothing was done. Pling’s anonymous maintainers, who do not identify themselves on either or sister site, did not respond to an email seeking comment.
