CVE-2023-34634
published 2023-08-01CVE-2023-34634: Greenshot 1.2.10 and below allows arbitrary code execution because .NET content is insecurely deserialized when a .greenshot file is opened.
PriorityP350high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
EXPLOIT
EPSS
7.69%
93.8th percentile
Greenshot 1.2.10 and below allows arbitrary code execution because .NET content is insecurely deserialized when a .greenshot file is opened.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| getgreenshot | greenshot | <= 1.2.10.6 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
GreenShot 1.2.10 - Insecure Deserialization Arbitrary Code Execution
exploitdb·2023-07-28·CVSS 7.8
CVE-2023-34634 [HIGH] GreenShot 1.2.10 - Insecure Deserialization Arbitrary Code Execution
GreenShot 1.2.10 - Insecure Deserialization Arbitrary Code Execution
---
# Exploit Title: GreenShot 1.2.10 - Insecure Deserialization Arbitrary Code Execution
# Date: 26/07/2023
# Exploit Author: p4r4bellum
# Vendor Homepage: https://getgreenshot.org
# Software Link: https://getgreenshot.org/downloads/
# Version: 1.2.6.10
# Tested on: windows 10.0.19045 N/A build 19045
# CVE : CVE-2023-34634
#
# GreenShot 1.2.10 and below is vulnerable to an insecure object deserialization in its custom *.greenshot format
# A stream of .Net object is serialized and inscureley deserialized when a *.greenshot file is open with the software
# On a default install the *.greenshot file extension is associated with the programm, so double-click on a*.greenshot file
# will lead to arbitrary code execution
#
#
Metasploit
Greenshot .NET Deserialization Fileformat Exploit
metasploit
Greenshot .NET Deserialization Fileformat Exploit
Greenshot .NET Deserialization Fileformat Exploit
There exists a .NET deserialization vulnerability in Greenshot version 1.3.274 and below. The deserialization allows the execution of commands when a user opens a Greenshot file. The commands execute under the same permissions as the Greenshot service. Typically, is the logged in user.
No writeups or analysis indexed.
http://packetstormsecurity.com/files/173825/GreenShot-1.2.10-Arbitrary-Code-Execution.htmlhttp://packetstormsecurity.com/files/174222/Greenshot-1.3.274-Deserialization-Command-Execution.htmlhttps://github.com/greenshot/greenshot/commit/a152e2883fca7f78051b3bd6b1e5cc57355cb44chttps://greenshot.atlassian.net/browse/BUG-3061https://www.exploit-db.com/exploits/51633http://packetstormsecurity.com/files/173825/GreenShot-1.2.10-Arbitrary-Code-Execution.htmlhttp://packetstormsecurity.com/files/174222/Greenshot-1.3.274-Deserialization-Command-Execution.htmlhttps://github.com/greenshot/greenshot/commit/a152e2883fca7f78051b3bd6b1e5cc57355cb44chttps://greenshot.atlassian.net/browse/BUG-3061https://www.exploit-db.com/exploits/51633
2023-08-01
Published