CVEs-PoC/2020/CVE-2020-13110.md at 93186218d4f9d5580940c2f6512a75bd514b8141

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-31 18:29:31 +02:00

Files

T

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

Description

The kerberos package before 1.0.0 for Node.js allows arbitrary code execution and privilege escalation via injection of malicious DLLs through use of the kerberos_sspi LoadLibrary() method, because of a DLL path search.

POC

Reference

https://medium.com/%40kiddo_Ha3ker/dll-injection-attack-in-kerberos-npm-package-cb4b32031cd
https://medium.com/@kiddo_Ha3ker/dll-injection-attack-in-kerberos-npm-package-cb4b32031cd
https://www.op-c.net/2020/05/15/dll-injection-attack-in-kerberos-npm-package/

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/leoambrus/artefactswithoutCVEonGitHubAdvisoryDatabase

997 B Raw Blame History

CVE-2020-13110

Description

POC

Reference

Github

997 B

Raw Blame History