Published: 02/04/2020 Updated: 18/10/2021

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 606

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

An issue exists in XAMPP prior to 7.2.29, 7.3.x prior to 7.3.16 , and 7.4.x prior to 7.4.4 on Windows. An unprivileged user can change a .exe configuration in xampp-contol.ini for all users (including admins) to enable arbitrary command execution.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apachefriends xampp

XAMPP version 743 suffers from a local privilege escalation vulnerability ...

This is a writeup for CVE-2020-11107 reported by Maximilian Barz

CVE-2020-11107 This is a writeup for CVE-2020-11107 I've found An issue was discovered in XAMPP before 7229, 73x before 7316 , and 74x before 744 on Windows An unprivileged user can change a exe configuration in xampp-contolini for all users (including admins) to enable arbitrary command execution All this can be done through xampps control-panel XAMPP allo

XAMPP - CVE-2020-11107

CVE-2020-11107 This is a writeup for CVE-2020-11107 I've found An issue was discovered in XAMPP before 7229, 73x before 7316 , and 74x before 744 on Windows An unprivileged user can change a exe configuration in xampp-contolini for all users (including admins) to enable arbitrary command execution All this can be done through xampps control-panel XAMPP allo

CWE-732 https://www.apachefriends.org/blog/new_xampp_20200401.html http://packetstormsecurity.com/files/164292/XAMPP-7.4.3-Privilege-Escalation.html https://nvd.nist.gov https://github.com/S1lkys/CVE-2020-11107 https://packetstormsecurity.com/files/164292/XAMPP-7.4.3-Privilege-Escalation.html

CVE-2020-11107

Vulnerability Summary

Vulnerability Trend

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect