Published: 01/08/2023 Updated: 17/08/2023

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 0

Greenshot 1.2.10 and below allows arbitrary code execution because .NET content is insecurely deserialized when a .greenshot file is opened.

Vulnerable Product	Search on Vulmon	Subscribe to Product
greenshot greenshot

GreenShot version 1210 suffers from an insecure deserialization arbitrary code execution vulnerability ...

There exists a NET deserialization vulnerability in Greenshot versions 13274 and below The deserialization allows the execution of commands when a user opens a Greenshot file The commands execute under the same permissions as the Greenshot service Typically, it is the logged in user ...

NVD-CWE-noinfo http://packetstormsecurity.com/files/173825/GreenShot-1.2.10-Arbitrary-Code-Execution.html https://github.com/greenshot/greenshot/commit/a152e2883fca7f78051b3bd6b1e5cc57355cb44c https://www.exploit-db.com/exploits/51633 https://greenshot.atlassian.net/browse/BUG-3061 http://packetstormsecurity.com/files/174222/Greenshot-1.3.274-Deserialization-Command-Execution.html https://nvd.nist.gov https://packetstormsecurity.com/files/173825/GreenShot-1.2.10-Arbitrary-Code-Execution.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-34634

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect