tags:macoswindowsenterprise_apppath_traversal
original link: A Deep Dive into the CoSoSys EndPoint Protector Exploit: Remote Code Execution
newsletter link: exploits.club Weekly Newsletter 37 - Juicy Overflows, The Art Of Exploitation, Rust in Firmware, and More
Exploits Club Summary:
Theori detailed 4 vulnerabilities in the CoSoSys EndPoint Protector which they found during a recent engagementâŠironically**, it did not serve as much of a âdata loss preventionâ tool in this case**. The vulnerabilities allowed for a complete takeover of both the clients and the server. Leveraging a path traversal on the server, the team could upload a webshell. They then documented 3 ways this newfound access could be abused to take over all the connected clients.