CVE-2023-41173
https://notcve.org/view.php?id=CVE-2023-41173
AdGuard DNS before 2.2 allows remote attackers to cause a denial of service via malformed UDP packets. • https://adguard-dns.io/en/versions.html#2.2 • CWE-400: Uncontrolled Resource Consumption •
CVE-2022-45770
https://notcve.org/view.php?id=CVE-2022-45770
Improper input validation in adgnetworkwfpdrv.sys in Adguard For Windows x86 through 7.11 allows local privilege escalation. • https://github.com/Marsel-marsel/CVE-2022-45770 https://adguard.com/en/versions/windows/release.html#version-71140780 https://hackmag.com/security/aguard-cve https://xakep.ru/2023/01/27/aguard-cve • CWE-20: Improper Input Validation •
CVE-2021-27935
https://notcve.org/view.php?id=CVE-2021-27935
An issue was discovered in AdGuard before 0.105.2. An attacker able to get the user's cookie is able to bruteforce their password offline, because the hash of the password is stored in the cookie. Se detectó un problema en AdGuard anterior a la versión 0.105.2. Un atacante capaz de obtener la cookie del usuario puede forzar su contraseña fuera de línea, porque el hash de la contraseña es almacenado en la cookie • https://github.com/AdguardTeam/AdGuardHome/issues/2470 • CWE-522: Insufficiently Protected Credentials •