10-23-2022, 12:12 PM
CVE-2022-21970
Description
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This vulnerability allows an attacker to execute javascript code on every host without permission, also an attacker can steal local system files, and also he can manipulate the actions against the machine and result in changing internal developer settings in Microsoft Edge.
NOTE: In this example, Microsoft Edge executes a malicious script without problems. This is just a malicious .bat file that reboots the infected machine, and it’s only for testing! The attacker can create a malicious file that can take a Privilege Escalation, malware, spyware, or kernel exploit file and harm seriously your device! Not correctly sanitizing and checking for that what users download on their machines by using a MsEdge!
Read More : https://reconshell.com/microsoft-edge-pr...erability/
Description
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This vulnerability allows an attacker to execute javascript code on every host without permission, also an attacker can steal local system files, and also he can manipulate the actions against the machine and result in changing internal developer settings in Microsoft Edge.
NOTE: In this example, Microsoft Edge executes a malicious script without problems. This is just a malicious .bat file that reboots the infected machine, and it’s only for testing! The attacker can create a malicious file that can take a Privilege Escalation, malware, spyware, or kernel exploit file and harm seriously your device! Not correctly sanitizing and checking for that what users download on their machines by using a MsEdge!
Read More : https://reconshell.com/microsoft-edge-pr...erability/