CVE-2018-25044

A vulnerability, which was classified as critical, has been found in uTorrent. This issue affects some unknown processing of the component Guest Account. The manipulation leads to privilege escalation. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component.
References
Link Resource
http://www.math.sci.hiroshima-u.ac.jp/~m-mat/MT/efaq.html Third Party Advisory
https://bugs.chromium.org/p/project-zero/issues/detail?id=1524 Exploit Issue Tracking Mailing List Third Party Advisory
https://vuldb.com/?id.113807 Exploit Third Party Advisory VDB Entry
http://www.math.sci.hiroshima-u.ac.jp/~m-mat/MT/efaq.html Third Party Advisory
https://bugs.chromium.org/p/project-zero/issues/detail?id=1524 Exploit Issue Tracking Mailing List Third Party Advisory
https://vuldb.com/?id.113807 Exploit Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:bittorrent:utorrent:-:*:*:*:*:*:*:*

History

21 Nov 2024, 04:03

Type Values Removed Values Added
References () http://www.math.sci.hiroshima-u.ac.jp/~m-mat/MT/efaq.html - Third Party Advisory () http://www.math.sci.hiroshima-u.ac.jp/~m-mat/MT/efaq.html - Third Party Advisory
References () https://bugs.chromium.org/p/project-zero/issues/detail?id=1524 - Exploit, Issue Tracking, Mailing List, Third Party Advisory () https://bugs.chromium.org/p/project-zero/issues/detail?id=1524 - Exploit, Issue Tracking, Mailing List, Third Party Advisory
References () https://vuldb.com/?id.113807 - Exploit, Third Party Advisory, VDB Entry () https://vuldb.com/?id.113807 - Exploit, Third Party Advisory, VDB Entry
CVSS v2 : 6.8
v3 : 8.8
v2 : 6.8
v3 : 6.3

29 Jun 2022, 13:54

Type Values Removed Values Added
CWE CWE-269
References (MISC) https://bugs.chromium.org/p/project-zero/issues/detail?id=1524 - (MISC) https://bugs.chromium.org/p/project-zero/issues/detail?id=1524 - Exploit, Issue Tracking, Mailing List, Third Party Advisory
References (MISC) https://vuldb.com/?id.113807 - (MISC) https://vuldb.com/?id.113807 - Exploit, Third Party Advisory, VDB Entry
References (MISC) http://www.math.sci.hiroshima-u.ac.jp/~m-mat/MT/efaq.html - (MISC) http://www.math.sci.hiroshima-u.ac.jp/~m-mat/MT/efaq.html - Third Party Advisory
CPE cpe:2.3:a:bittorrent:utorrent:-:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : 6.8
v3 : 8.8

17 Jun 2022, 13:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-06-17 13:15

Updated : 2024-11-21 04:03


NVD link : CVE-2018-25044

Mitre link : CVE-2018-25044

CVE.ORG link : CVE-2018-25044


JSON object : View

Products Affected

bittorrent

  • utorrent
CWE
CWE-269

Improper Privilege Management