VegaBird Vooki 5.2.9 DLL Hijacking ≈ Packet Storm

Home^[1] Files^[2] News^[3] &[SERVICES_TAB] Contact^[4] Add New^[5]

Change Mirror^[13] Download^[14]

====================================
CVE ID: CVE-2024-45874
Author: Iulian Florea
Vendor: VegaBird
Product:  Vooki - Dynamic Web Application & REST API Vulnerability Scanner (DAST Tool)
Vulnerability Type: DLL Hijacking
====================================
====================================
Summary
====================================
A DLL hijacking vulnerability in VegaBird Vooki 5.2.9 allows attackers to execute arbitrary code / maintain persistence via placing a crafted DLL file in the same directory as Yaazhini.exe.
====================================
Exploitation
====================================
By placing an arbitrary DLL (Example: dcomp.dll) within the application folder (C:\Program Files\Vooki) and opening the application (Vooki.exe) it can be noted that the DLL is being loaded. This can lead to persistence or in some cases to privilege escalation.

• Follow us on Twitter^[17]
• Follow us on Facebook^[18]
• Subscribe to an RSS Feed^[19]

File Tags

• ActiveX^[20] (933)
• Advisory^[21] (86,997)
• Arbitrary^[22] (17,113)
• BBS^[23] (2,859)
• Bypass^[24] (1,932)
• CGI^[25] (1,047)
• Code Execution^[26] (7,925)
• Conference^[27] (693)
• Cracker^[28] (845)
• CSRF^[29] (3,434)
• DoS^[30] (25,304)
• Encryption^[31] (2,395)
• Exploit^[32] (54,342)
• File Inclusion^[33] (4,278)
• File Upload^[34] (1,022)
• Firewall^[35] (822)
• Info Disclosure^[36] (2,924)
• Intrusion Detection^[37] (919)
• Java^[38] (3,156)
• JavaScript^[39] (908)
• Kernel^[40] (7,310)
• Local^[41] (14,864)
• Magazine^[42] (587)
• Overflow^[43] (13,228)
• Perl^[44] (1,435)
• PHP^[45] (5,284)
• Proof of Concept^[46] (2,413)
• Protocol^[47] (3,751)
• Python^[48] (1,662)
• Remote^[49] (31,922)
• Root^[50] (3,672)
• Rootkit^[51] (530)
• Ruby^[52] (643)
• Scanner^[53] (1,660)
• Security Tool^[54] (8,052)
• Shell^[55] (3,308)
• Shellcode^[56] (1,219)
• Sniffer^[57] (904)
• Spoof^[58] (2,297)
• SQL Injection^[59] (16,738)
• TCP^[60] (2,463)
• Trojan^[61] (690)
• UDP^[62] (919)
• Virus^[63] (675)
• Vulnerability^[64] (33,133)
• Web^[65] (10,144)
• Whitepaper^[66] (3,785)
• x86^[67] (970)
• XSS^[68] (18,306)
• Other^[69]

File Archives

• September 2024^[70]
• August 2024^[71]
• July 2024^[72]
• June 2024^[73]
• May 2024^[74]
• April 2024^[75]
• March 2024^[76]
• February 2024^[77]
• January 2024^[78]
• December 2023^[79]
• November 2023^[80]
• October 2023^[81]
• Older^[82]

Systems

• AIX^[83] (430)
• Apple^[84] (2,115)
• BSD^[85] (378)
• CentOS^[86] (61)
• Cisco^[87] (1,954)
• Debian^[88] (7,130)
• Fedora^[89] (1,693)
• FreeBSD^[90] (1,247)
• Gentoo^[91] (4,599)
• HPUX^[92] (881)
• iOS^[93] (390)
• iPhone^[94] (108)
• IRIX^[95] (220)
• Juniper^[96] (71)
• Linux^[97] (51,374)
• Mac OS X^[98] (696)
• Mandriva^[99] (3,105)
• NetBSD^[100] (256)
• OpenBSD^[101] (490)
• RedHat^[102] (16,912)
• Slackware^[103] (941)
• Solaris^[104] (1,615)
• SUSE^[105] (1,444)
• Ubuntu^[106] (9,882)
• UNIX^[107] (9,461)
• UnixWare^[108] (188)
• Windows^[109] (6,780)
• Other^[110]

© 2024 Packet Storm. All rights reserved.