| Title | XINJE XDPPro DLL Hijacking Vulnerability |
|---|
| Description | XDPPro is a programming tool for Xinjie PLC that supports ladder diagram programming and instruction list programming.
XDPPro has a DLL hijacking vulnerability, which allows an attacker to gain complete control of the target operating system.
Special note: This DLL hijacking vulnerability is combined with the CNVD-2023-64839 that I previously submitted and disclosed, that is, the arbitrary file overwriting vulnerability.
When used together, it can achieve remote or arbitrary code execution vulnerability triggered by malicious engineering files.
CNVD-2023 -64839 writes the maliciously constructed cfgmgr32.dll into the software installation directory, and then calls the hijacked cfgmgr32.dll.
when the software runs related functions, triggering the execution of malicious code. The impact will be very significant!
|
|---|
| Source | ⚠️ https://drive.google.com/drive/folders/1mpRxWOPjxVS980r0qu1IY_Hf0irKO-cu?usp=drive_link |
|---|
| User | Anonymous User |
|---|
| Submission | 09/22/2023 09:45 (3 years ago) |
|---|
| Moderation | 10/09/2023 16:09 (17 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 241586 [XINJE XDPPro up to 3.7.17a cfgmgr32.dll uncontrolled search path] |
|---|
| Points | 20 |
|---|