module
Greenshot .NET Deserialization Fileformat Exploit
| Disclosed |
|---|
| Jul 26, 2023 |
Disclosed
Jul 26, 2023
Description
There exists a .NET deserialization vulnerability in Greenshot version 1.3.274
and below. The deserialization allows the execution of commands when a user opens
a Greenshot file. The commands execute under the same permissions as the Greenshot
service. Typically, is the logged in user.
and below. The deserialization allows the execution of commands when a user opens
a Greenshot file. The commands execute under the same permissions as the Greenshot
service. Typically, is the logged in user.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.