CVE-2021-41067

Published: Dec 14, 2021

Modified: Aug 4, 2024

PUBLISHED

Description

An issue was discovered in Listary through 6. Improper implementation of the update process leads to the download of software updates with a /check-update HTTP-based connection. This can be exploited with MITM techniques. Together with the lack of package validation, it can lead to manipulation of update packages that can cause an installation of malicious content.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.listary.com/download

x_refsource_MISC

https://medium.com/%40tomerp_77017/exploiting-listary-searching-your-way-to-system-privileges-8175af676c3e

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-41067

Description

Affected Products

References