-
Notifications
You must be signed in to change notification settings - Fork 1
/
Research.txt
61 lines (60 loc) · 1.7 KB
/
Research.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
> [Suggested description]
> Efs Software Easy Chat Server Version 3.1 was discovered to contain a
> DLL hijacking vulnerability via the component TextShaping.dll. This
> vulnerability allows attackers to execute arbitrary code via a crafted
> DLL.
>
> ------------------------------------------
>
> [Additional Information]
> Proof Of Concept: https://drive.google.com/file/d/1MuIEcuU4paZyS8o2MjAi4tLEKvoFu2ra/view?usp=sharing
> Vendor HomePage Link: https://www.echatserver.com/
> Software Link: https://www.echatserver.com/ecssetup.exe
>
> ------------------------------------------
>
> [VulnerabilityType Other]
> DLL Hijacking
>
> ------------------------------------------
>
> [Vendor of Product]
> Efs Software
>
> ------------------------------------------
>
> [Affected Product Code Base]
> Easy Chat Server - 3.1
>
> ------------------------------------------
>
> [Affected Component]
> TextShaping.dll
>
> ------------------------------------------
>
> [Attack Type]
> Local
>
> ------------------------------------------
>
> [Impact Code execution]
> true
>
> ------------------------------------------
>
> [Attack Vectors]
> TextShaping.dll is missing from Installed path of Easy Chat Server so an attacker can craft malicious dll with same name and can execute arbitrary code on system or also perform way of persistence on victim machine
>
> ------------------------------------------
>
> [Reference]
> https://drive.google.com/file/d/1MuIEcuU4paZyS8o2MjAi4tLEKvoFu2ra/view?usp=sharing
> https://www.echatserver.com/
> https://www.echatserver.com/ecssetup.exe
>
> ------------------------------------------
>
> [Discoverer]
> RashidKhan Pathan
Use CVE-2022-44939