Submit #566698: Hainan Interesting Technology Co., Ltd todesk 4.7.6.3 privilege escalationinfo

TitleHainan Interesting Technology Co., Ltd todesk 4.7.6.3 privilege escalation
DescriptionThe todesk program loads a file named profapi.dll from the current directory into the program stack for execution. It is worth noting that since regular users can modify DLL files and the files are subsequently executed with system privileges, this vulnerability can be exploited to gain system privileges on the local computer. Detailed vulnerability report:https://www.yuque.com/ba1ma0-an29k/nnxoap/dgxzuhd90e19grpg?singleDoc# 《todesk program has a privilege escalation vulnerability》
Source⚠️ https://www.yuque.com/ba1ma0-an29k/nnxoap/dgxzuhd90e19grpg?singleDoc# 《todesk program has a privilege escalation vulnerability》
User
 Ba1_Ma0 (UID 60252)
Submission04/28/2025 16:05 (1 Year ago)
Moderation05/10/2025 14:59 (12 days later)
StatusAccepted
VulDB entry308284 [Hainan ToDesk 4.7.6.3 DLL File Parser profapi.dll uncontrolled search path]
Points20

PreviousOverviewNext

Interested in the pricing of exploits?

See the underground prices here!

n $_SERVER['REMOTE_ADDR'] ?? '0.0.0.0'; } } ?>