Vulnerabilities

CVE-2021-42110

December 10, 2021

An issue was discovered in Allegro Windows (formerly Popsy Windows) before 3.3.4156.1. A standard user can escalate privileges to SYSTEM if the FTP module is installed, because of DLL hijacking.

Summary:

An issue was discovered in Allegro Windows (formerly Popsy Windows) before 3.3.4156.1. A standard user can escalate privileges to SYSTEM if the FTP module is installed, because of DLL hijacking.

Reference Links(if available):

https://excellium-services.com/cert-xlm-advisory/CVE-2021-42110

http://www.popsy.com/Documents/Setups/Setup.Allegro.3.3.4154.2.exe

CVSS Score (if available)

v2: / MEDIUM

v3: /

Links to Exploits(if available)

HackerOne Bug Bounty Disclosure: availability-impact-from-exploiting-project-name-vulnerabilities-mr-root

November 13, 2024

HackerOne Bug Bounty Disclosure: idor-in-backup-recovery-functionality-theelgo

November 13, 2024

HackerOne Bug Bounty Disclosure: can-see-phone-numbers-of-others-by-providing-mail-address-sevada

November 13, 2024

[BRAINCIPHER] – Ransomware Victim: G-One Auto Parts de México S[.]A[.] de C[.]V[.]

November 13, 2024

[BRAINCIPHER] – Ransomware Victim: COOPERATIVA TELEFONICA DE CALAFATE LTD[.]

November 13, 2024

Summary:

Reference Links(if available):

CVSS Score (if available)

Links to Exploits(if available)

You may have missed

HackerOne Bug Bounty Disclosure: availability-impact-from-exploiting-project-name-vulnerabilities-mr-root

HackerOne Bug Bounty Disclosure: idor-in-backup-recovery-functionality-theelgo

HackerOne Bug Bounty Disclosure: can-see-phone-numbers-of-others-by-providing-mail-address-sevada

[BRAINCIPHER] – Ransomware Victim: G-One Auto Parts de México S[.]A[.] de C[.]V[.]

[BRAINCIPHER] – Ransomware Victim: COOPERATIVA TELEFONICA DE CALAFATE LTD[.]