CVE-2017-11657

HIGH

Dashlane - Untrusted Search Path Privilege Escalation via WINHTTP.dll


Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-11657. PoCs published by SecuriTeam.

AI-analyzed exploit summary: The writeup describes a DLL hijacking vulnerability in Dashlane where an attacker can place a malicious WINHTTP.dll in the application's directory, leading to arbitrary code execution when Dashlane loads the DLL. The vulnerability is due to insecure DLL loading practices and lack of proper path validation.

Description

Dashlane might allow local users to gain privileges by placing a Trojan horse WINHTTP.dll in the %APPDATA%\Dashlane directory.

Exploits (1)

exploitdb WRITEUP
by SecuriTeam · local · windows
https://www.exploit-db.com/exploits/44066


Classification: Writeup 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Dashlane (version not specified)
No auth needed
Prerequisites: Write access to C:\Users\user\AppData\Roaming\Dashlane\ directory
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026

References (1)

Core References
Third Party Advisory x_refsource_misc
https://blogs.securiteam.com/index.php/archives/3357

Scores

CVSS v3 7.3
EPSS 0.0067
EPSS Percentile 47.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Details

CWE CWE-426
Status published
Products (1)
dashlane/dashlane
Published Aug 04, 2017
Tracked Since Feb 18, 2026