Exploitation Summary
EIP tracks 4 public exploits for CVE-2020-11107. PoCs published by Salman Asad, S1lkys, andripwn.
AI-analyzed exploit summary: This PowerShell script exploits a local privilege escalation vulnerability in XAMPP by modifying the xampp-control.ini file to replace a legitimate executable path with a malicious payload path. The exploit leverages improper file permissions to achieve arbitrary code execution with elevated privileges.
Description
An issue was discovered in XAMPP before 7.2.29, 7.3.x before 7.3.16, and 7.4.x before 7.4.4 on Windows. An unprivileged user can change a .exe configuration in xampp-control.ini for all users (including admins) to enable arbitrary command execution.
Exploits (4)
This PowerShell script exploits a local privilege escalation vulnerability in XAMPP by modifying the xampp-control.ini file to replace a legitimate executable path with a malicious payload path. The exploit leverages improper file permissions to achieve arbitrary code execution with elevated privileges.
This repository provides a detailed writeup and proof-of-concept for CVE-2020-11107, a vulnerability in XAMPP on Windows that allows an unprivileged user to modify the xampp-control.ini configuration file to execute arbitrary commands with elevated privileges when an administrator accesses log files.
This is a writeup detailing CVE-2020-11107, a vulnerability in XAMPP on Windows where an unprivileged user can modify the xampp-control.ini configuration file to execute arbitrary commands with elevated privileges when an admin accesses log files via the control panel.
This repository contains a PowerShell script that exploits CVE-2020-11107, a local privilege escalation vulnerability in XAMPP on Windows. The exploit modifies the `xampp-control.ini` file to replace the default editor path with a malicious executable, which is executed with elevated privileges when triggered by an administrator.
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H