cwjchoi01

9 exploits Active since Apr 2025
CVE-2025-66680 NOMISEC HIGH WORKING POC
WiseCleaner Wise Force Deleter <=7.3.2 - Arbitrary File Deletion
An issue in the WiseDelfile64.sys component of WiseCleaner Wise Force Deleter 7.3.2 and earlier allows attackers to delete arbitrary files via a crafted request.
2 stars
CVSS 7.1
CVE-2025-66678 NOMISEC CRITICAL WORKING POC
Nil Hardware Editor <1.25.11.26 - Memory Corruption
An issue in the HwRwDrv.sys component of Nil Hardware Editor Hardware Read & Write Utility v1.25.11.26 and earlier allows attackers to execute arbitrary read and write operations via a crafted request.
1 stars
CVSS 9.8
CVE-2026-3796 NOMISEC MEDIUM WORKING POC
Qi-ANXIN QAX Virus Removal - Privilege Escalation
A weakness has been identified in Qi-ANXIN QAX Virus Removal up to 2025-10-22. The affected element is the function ZwTerminateProcess in the library QKSecureIO_Imp.sys of the component Mini Filter Driver. Executing a manipulation can lead to improper access controls. The attack is restricted to local execution. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS 5.3
CVE-2025-66676 NOMISEC MEDIUM WORKING POC
IObit Unlocker 1.3.0.11 - Denial of Service via Crafted Request
An issue in IObit Unlocker v1.3.0.11 allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVSS 6.2
CVE-2025-65264 NOMISEC MEDIUM STUB
CPUID CPU-Z < 2.17 - Information Disclosure via IOCTL Interface
The kernel driver of CPUID CPU-Z v2.17 and earlier does not validate user-supplied values passed via its IOCTL interface, allowing an attacker to access sensitive information via a crafted request.
CVSS 5.5
CVE-2024-57394 NOMISEC HIGH WORKING POC
Qi-ANXIN Tianqing Endpoint Security Management System v10.0 - Arbitrary File Write via Quarantine Restore Function
The quarantine - restore function in Qi-ANXIN Tianqing Endpoint Security Management System v10.0 allows user to restore a malicious file to an arbitrary file path. Attackers can write malicious DLL to system path and perform privilege escalation by leveraging Windows DLL hijacking vulnerabilities.
CVSS 8.8
CVE-2026-3796 WRITEUP MEDIUM WORKING POC
Qi-ANXIN QAX Virus Removal - Privilege Escalation
A weakness has been identified in Qi-ANXIN QAX Virus Removal up to 2025-10-22. The affected element is the function ZwTerminateProcess in the library QKSecureIO_Imp.sys of the component Mini Filter Driver. Executing a manipulation can lead to improper access controls. The attack is restricted to local execution. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS 5.3
CVE-2025-66678 WRITEUP CRITICAL WORKING POC
Nil Hardware Editor <1.25.11.26 - Memory Corruption
An issue in the HwRwDrv.sys component of Nil Hardware Editor Hardware Read & Write Utility v1.25.11.26 and earlier allows attackers to execute arbitrary read and write operations via a crafted request.
CVSS 9.8
CVE-2025-66680 WRITEUP HIGH WORKING POC
WiseCleaner Wise Force Deleter <=7.3.2 - Arbitrary File Deletion
An issue in the WiseDelfile64.sys component of WiseCleaner Wise Force Deleter 7.3.2 and earlier allows attackers to delete arbitrary files via a crafted request.
CVSS 7.1