Submit #480875: OBS-Studio 30.0.2 Command Injectioninfo

TitleOBS-Studio 30.0.2 Command Injection
DescriptionDuring the program's startup, it was identified that the application calls several files with the '.dll' extension in a local installation folder. This action enabled the use of a non-existent 'profapi.dll' file in the binary's installation folder, allowing code injection into the DLL file. This action could enable remote code execution through DLL injection.
Source⚠️ https://obsproject.com/pt-br
User
 Fergod (UID 55882)
Submission01/14/2025 02:35 PM (1 Year ago)
Moderation01/17/2025 09:58 PM (3 days later)
StatusAccepted
VulDB entry292495 [obsproject OBS Studio up to 30.0.2 on Windows untrusted search path]
Points15

PreviousOverviewNext

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!