Razer Chroma SDK Rest Server up to and including 3.12.17 allows remote malicious users to execute arbitrary programs because there is a race condition in which a file created under "%PROGRAMDATA%\Razer Chroma\SDK\Apps" can be replaced before it is executed by the server. The attacker must have access to port 54236 for a registration step.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
razer chroma sdk |