KiTTY 0.76.1.13 Command Injection CVE-2024-23749 Exploit - System32

svg

svg

svg

Now Reading: KiTTY 0.76.1.13 Command Injection CVE-2024-23749 Exploit

Loading

Loading

KiTTY 0.76.1.13 Command Injection CVE 2024 23749 Exploit

Exploits And POCs

February 10, 2024 / Prapattimynk

KiTTY 0.76.1.13 Command Injection CVE-2024-23749 Exploit

44

Share

Ads

KiTTY versions 0.76.1.13 and before is vulnerable to command injection via the filename variable, occurs due to insufficient input sanitization and validation, failure to escape special characters, and insecure system calls (at lines 2369-2390). This allows an attacker to add inputs inside the filename variable, leading to arbitrary code execution.

Upvote0PointsDownvote

0 People voted this article. 0 Upvotes - 0 Downvotes.

Prev Post

Disable Windows Defender (+ UAC Bypass, + Upgrade to SYSTEM)

Next Post

Ermac 3.0 Android Botnet

What do you think?

It is nice to know your opinion. Leave a comment.

Leave a reply Cancel reply

Subscribe & Follow

Popular Posts

01

Craxs Rat V6.7 Working Free Download

September 14, 2023

02

FHR Electric Data Leak

July 8, 2023

03

Postfix SMTP Smuggling CVE-2023-51764 Exploit

December 27, 2023

04

WSPCoerce - PoC to coerce authentication from Windows hosts using MS-WSP

July 28, 2023

05

CVE-2023-20110 Exploit | Cisco Smart Software Manager On-Prem SQL Injection

July 16, 2023

Categories

Cyber sec44
Database123
Exploits And POCs213
Malicious Scripts139
Tools137
Malwares54
Softwares36

Loading

svg

Quick Navigation

1
KiTTY 0.76.1.13 Command Injection CVE-2024-23749 Exploit