| Title | 360 Total Security (360.cn) 360 Total Security (Nucleus Engine) 360 Total Security for Business V6.0 Security Feature Bypass |
|---|
| Description | A security bypass vulnerability exists in 360 Nucleus Engine's monitoring logic for scheduled task creation. The engine blocks RPC binding using "localhost" but fails to detect semantically equivalent addresses NULL or "0". Attackers can exploit this by setting the NetworkAddr parameter in RpcStringBindingComposeW to NULL or L"0" to create malicious scheduled tasks without triggering alerts. |
|---|
| Source | ⚠️ https://github.com/Gach0ng/vuldb_submit/issues/4 |
|---|
| User | gachong (UID 98198) |
|---|
| Submission | 05/19/2026 14:17 (27 days ago) |
|---|
| Moderation | 06/14/2026 14:54 (26 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 370858 [Qihoo 360 Total Security 6.0 Nucleus Engine Monitoring Logic RpcStringBindingComposeW NetworkAddr protection mechanism] |
|---|
| Points | 20 |
|---|