CVE-2020-24772
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
In Dreamacro Clash for Windows v0.11.4, an attacker could embed a malicious iframe in a website with a crafted URL that would launch the Clash Windows client and force it to open a remote SMB share. Windows will perform NTLM authentication when opening the SMB share and that request can be relayed (using a tool like responder) for code execution (or captured for hash cracking).
En Dreamacro Clash para Windows v0.11.4, un atacante podría incrustar un iframe malicioso en un sitio web con una URL manipulada que lanzaría el cliente Clash Windows y lo forzaría a abrir un recurso compartido SMB remoto. Windows realizará la autenticación NTLM al abrir el recurso compartido SMB y esa solicitud puede ser retransmitida (utilizando una herramienta como responder) para la ejecución de código (o capturada para el cracking de hash)
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-08-28 CVE Reserved
- 2022-03-21 CVE Published
- 2024-08-04 CVE Updated
- 2024-08-04 First Exploit
- 2024-10-25 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-346: Origin Validation Error
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|---|---|
| https://github.com/Dreamacro/clash/issues/910 | 2024-08-04 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Clash Project Search vendor "Clash Project" | Clash Search vendor "Clash Project" for product "Clash" | 0.11.4 Search vendor "Clash Project" for product "Clash" and version "0.11.4" | windows |
Affected
| ||||||