Exploitation Summary
EIP tracks 1 public exploit for CVE-2022-40126. PoCs published by LovelyWei.
AI-analyzed exploit summary This exploit targets CVE-2022-40126 by creating a malicious YAML configuration file in the Clash for Windows service directory and copying a malicious executable to achieve persistence. The exploit leverages the service's automatic execution of the YAML-defined executable to gain code execution.
Description
A misconfiguration in the Service Mode profile directory of Clash for Windows v0.19.9 allows attackers to escalate privileges and execute arbitrary commands when Service Mode is activated.
Exploits (1)
This exploit targets CVE-2022-40126 by creating a malicious YAML configuration file in the Clash for Windows service directory and copying a malicious executable to achieve persistence. The exploit leverages the service's automatic execution of the YAML-defined executable to gain code execution.
References (1)
Scores
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H