CVE-2020-16602 – Razer Chroma SDK Server 3.16.02 - Race Condition Remote File Execution

https://notcve.org/view.php?id=CVE-2020-16602

02 Sep 2020 — Razer Chroma SDK Rest Server through 3.12.17 allows remote attackers to execute arbitrary programs because there is a race condition in which a file created under "%PROGRAMDATA%\Razer Chroma\SDK\Apps" can be replaced before it is executed by the server. The attacker must have access to port 54236 for a registration step. Razer Chroma SDK Rest Server versiones hasta 3.12.17, permite a atacantes remotos ejecutar programas arbitrarios porque se presenta una condición de carrera en la que un archivo creado bajo... • https://packetstorm.news/files/id/160225 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •