CVSS: 8.1EPSS: 2%CPEs: 4EXPL: 1CVE-2018-15685 – Electron WebPreferences - Remote Code Execution
https://notcve.org/view.php?id=CVE-2018-15685
GitHub Electron 1.7.15, 1.8.7, 2.0.7, and 3.0.0-beta.6, in certain scenarios involving IFRAME elements and "nativeWindowOpen: true" or "sandbox: true" options, is affected by a WebPreferences vulnerability that can be leveraged to perform remote code execution. GitHub Electron 1.7.15, 1.8.7, 2.0.7, y 3.0.0-beta.6, en determinados escenarios que incluyen elementos de IFRAME y opciones "nativeWindowOpen: true" o "sandbox: true", se ve afectado por una vulnerabilidad de WebPreferences que puede aprovecharse para realizar la ejecución remota de código. Electron WebPreferences suffers from a remote code execution vulnerability. Versions affected include 3.0.0-beta.6, 2.0.7, 1.8.7, and 1.7.15. • https://www.exploit-db.com/exploits/45272 https://electronjs.org/blog/web-preferences-fix • CWE-1188: Initialization of a Resource with an Insecure Default •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2017-16151
https://notcve.org/view.php?id=CVE-2017-16151
Based on details posted by the ElectronJS team; A remote code execution vulnerability has been discovered in Google Chromium that affects all recent versions of Electron. Any Electron app that accesses remote content is vulnerable to this exploit, regardless of whether the [sandbox option](https://electron.atom.io/docs/api/sandbox-option) is enabled. En base a los detalles proporcionados por el equipo ElectronJS, se ha descubierto una vulnerabilidad de ejecución remota de código en Google Chromium que afecta a todas las versiones recientes de Electron. Cualquier aplicación de Electron que acceda a contenido remoto es vulnerable a este exploit, independientemente de si la [opción sandbox] (https://electron.atom.io/docs/api/sandbox-option) está habilitada. • https://electron.atom.io/blog/2017/09/27/chromium-rce-vulnerability-fix https://nodesecurity.io/advisories/539 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.1EPSS: 0%CPEs: 7EXPL: 1CVE-2018-1000136
https://notcve.org/view.php?id=CVE-2018-1000136
Electron version 1.7 up to 1.7.12; 1.8 up to 1.8.3 and 2.0.0 up to 2.0.0-beta.3 contains an improper handling of values vulnerability in Webviews that can result in remote code execution. This attack appear to be exploitable via an app which allows execution of 3rd party code AND disallows node integration AND has not specified if webview is enabled/disabled. This vulnerability appears to have been fixed in 1.7.13, 1.8.4, 2.0.0-beta.4. Electron, en versiones desde la 1.7 hasta la 1.7.12, desde la 1.8 hasta la 1.8.3 y desde la 2.0.0 hasta la 2.0.0-beta.3, contiene una vulnerabilidad de gestión incorrecta de valores en Webviews que puede dar como resultado la ejecución remota de código. Parece que este ataque puede ser explotable mediante una app que permite la ejecución de código de terceros, no acepta la integración de nodos y no especifica si la vista web está habilitada o deshabilitada. • https://www.electronjs.org/blog/webview-fix https://www.trustwave.com/Resources/SpiderLabs-Blog/CVE-2018-1000136---Electron-nodeIntegration-Bypass • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 5EXPL: 0CVE-2018-1000118
https://notcve.org/view.php?id=CVE-2018-1000118
Github Electron version Electron 1.8.2-beta.4 and earlier contains a Command Injection vulnerability in Protocol Handler that can result in command execute. This attack appear to be exploitable via the victim opening an electron protocol handler in their browser. This vulnerability appears to have been fixed in Electron 1.8.2-beta.5. This issue is due to an incomplete fix for CVE-2018-1000006, specifically the black list used was not case insensitive allowing an attacker to potentially bypass it. Github Electron en su versión Electron 1.8.2-beta.4 y anteriores, contiene una vulnerabilidad de inyección de comandos en el manipulador de protocolos que puede resultar en la ejecución de comandos. • https://electronjs.org/releases#1.8.2-beta.5 https://github.com/electron/electron/commit/ce361a12e355f9e1e99c989f1ea056c9e502dbe7 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.3EPSS: 97%CPEs: 14EXPL: 3CVE-2018-1000006 – Google Web Designer URI Parsing Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-1000006
GitHub Electron versions 1.8.2-beta.3 and earlier, 1.7.10 and earlier, 1.6.15 and earlier has a vulnerability in the protocol handler, specifically Electron apps running on Windows 10, 7 or 2008 that register custom protocol handlers can be tricked in arbitrary command execution if the user clicks on a specially crafted URL. This has been fixed in versions 1.8.2-beta.4, 1.7.11, and 1.6.16. GitHub Electron en versiones 1.8.2-beta.3 y anteriores, 1.7.10 y anteriores y 1.6.15 y anteriores tiene una vulnerabilidad en el manipulador de protocolos, específicamente en las apps Electron que se ejecutan en Windows 10, 7 o 2008 y que registren manipuladores personalizados de protocolos, que permite que se les pueda engañar para que ejecuten comandos arbitrarios si el usuario hace clic en una URL especialmente manipulada. Esto se ha solucionado en las versiones 1.8.2-beta.4, 1.7.11 y 1.6.16. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Google Web Designer. • https://www.exploit-db.com/exploits/44357 https://www.exploit-db.com/exploits/43899 https://github.com/CHYbeta/CVE-2018-1000006-DEMO http://www.securityfocus.com/bid/102796 https://electronjs.org/blog/protocol-handler-fix https://github.com/electron/electron/releases/tag/v1.8.2-beta.4 https://medium.com/%40Wflki/exploiting-electron-rce-in-exodus-wallet-d9e6db13c374 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •