| Title | LibreWolf Librewolf installer 143.0.4-1 EXE Hijacking |
|---|
| Description | Security vulnerability: EXE Hijacking
Affected Component: Librewolf version 143.0.4-1 installer (librewolf-143.0.4-1-windows-x86_64-setup.exe) for Windows
Product: LibreWolf for Windows
Version: 143.0.4-1
Vendor: LibreWolf (https://librewolf.net)
Vulnerability Description
A vulnerability has been discovered affecting the latest version of LibreWolf for the Windows operating system, which allows EXE hijacking through the software installer.
Impact
By exploiting this vulnerability, a malicious user could send a malicious EXE file along with the legitimate installer, causing the LibreWolf installer to automatically run the malicious executable at the end of the installation with the same privileges as the user who installed the browser. This could allow an attacker to use the authentic software's credibility to execute arbitrary commands, compromise data, or alter system functionality, jeopardizing the security and integrity of the environment.
To reproduce:
1) Note that at the end of the LibreWolf installation a call is made to the folder where the installer was run looking for a missing executable with the name "schtasks.exe".
2) This way, create a malicious exe file called "schtasks.exe" and paste it into the folder where the installer will run.
(Note: If you have LibreWolf installed, uninstall it before continuing.)
3) Start the LibreWolf installation normally.
4) At the end of the installation, the malicious executable will be loaded automatically.
|
|---|
| Source | ⚠️ https://github.com/Cyber-Wo0dy/report/blob/main/librewolf/143.0.4-1/librewolf_installer_exe_hijacking.md |
|---|
| User | Anonymous User |
|---|
| Submission | 10/08/2025 19:45 (8 months ago) |
|---|
| Moderation | 10/18/2025 15:01 (10 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 329019 [LibreWolf up to 143.0.4-1 on Windows Installer assets/setup.nsi uncontrolled search path] |
|---|
| Points | 20 |
|---|