Advertisement






Remote Mouse GUI 3.008 Local Privilege Escalation

CVE Category Price Severity
N/A CWE-264 N/A High
Author Risk Exploitation Type Date
Unknown High Local 2021-06-21
CVSS EPSS EPSSP
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0 0

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2021060120

Below is a copy:

Remote Mouse GUI 3.008 Local Privilege Escalation
# Exploit Title: Remote Mouse GUI 3.008 - Local Privilege Escalation
# Exploit Author: Salman Asad (@deathflash1411)
# Date: 17.06.2021
# Version: Remote Mouse 3.008
# Tested on: Windows 10 Pro Version 21H1

# Note: Local/RDP access is required to exploit this vulnerability

This method is also known as Citrix Method (Insecure GUI App)
After installation remote mouse runs as administrator and autostarts by default

PoC:

Open remote mouse from the system tray
Go to Settings
Click "Change..." in the "Image Transfer Folder" area
Save As prompt will appear
Enter "C:\Windows\System32\cmd.exe"
Command Prompt is spawned with administrator privileges

Copyright ©2024 Exploitalert.

This information is provided for TESTING and LEGAL RESEARCH purposes only.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum