Jump to content

Sachin

Members
  • Content Count

    8
  • Joined

  • Last visited

Community Reputation

1 Neutral

About Sachin

  • Rank
    Newbie
  1. Thanks, I will test it. Is their any credit to me (Bounty/Swag). Thanks.
  2. Hello, I did not checked. Can you please provide the download link for same. So i can test it. Thanks, Sachin
  3. Hello, I have send one mail on support@immunet.com nearly one day before regarding acknowledgement letter. Please revert back on same. Waiting for you reply. Thanks, Sachin Wagh
  4. Hi Ritchie, Attacker can exploit the vulnerability to load a DLL file of the attacker's choosing that could execute arbitrary code. I think in the POC video I shown execution of calc.exe through affected software. An attacker gain access to the system if attackers creates shell as a DLL instead of calc (dll) that i shown in the video. If you are interested I will shown the same. How attacker will gain access to the system and control it. Thanks, Sachin Wagh
  5. Hi Team, Any update on this. Thanks, Sachin Wagh
  6. Thanks. I will wait. Please let me know if anything required from my side. Thanks, Sachin Wagh
  7. Thanks Ritchie, Please let me know is there any plan to fix it as it is critical and compromising confidentiality ,Integrity, Availability. So will I wait for the fix and after patching the bug will disclose it publicly. Thanks, Sachin Wagh
  8. Security Advisory - Immunet Antivirus DLL Hijacking Vulnerability Summary Immunet® is a malware and antivirus protection system that utilizes cloud computing to provide enhanced community-based security. Immunet Antivirus contains a DLL hijacking vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. This vulnerability exists due to some DLL file is loaded by ‘ImmunetSetup.exe’ improperly. And it allows an attacker to load this DLL file of the attacker’s choosing that could execute arbitrary code without the user's knowledge. Affected Product: Immunet 3 Download Link: https://s3.amazonaws.com/immunet-site/production/ImmunetSetup.exe Impact Attacker can exploit the vulnerability to load a DLL file of the attacker's choosing that could execute arbitrary code. This may help attacker to Successful exploits the system if user creates shell as a DLL. Vulnerability Scoring Details The vulnerability classification has been performed by using the CVSSv2 scoring system (http://www.first.org/cvss/). Base Score: 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C) Technique Details 1. Prerequisite: The attacker can access the device; 2. Attacking procedure: This vulnerability exists due to the way DLL files are loaded by Immunet Antivirus. It allows an attacker to load a DLL file of the attacker’s choosing that could execute arbitrary code without the user's knowledge. The specific flaw exists within the handling of some DLL file loading by the Immunet Antivirus process. Note : For more detail POC please check the mail send on support@immunet.com Credit: Sachin Wagh (tiger_tigerboy) Wsachin092@gmail.com
×