DLL Hijacking Vulnerability in NoMachine v7.9.2: Arbitrary Code Execution via Incorrect Folder Permissions
CVE-2022-34043 · HIGH Severity
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Incorrect permissions for the folder C:\ProgramData\NoMachine\var\uninstall of Nomachine v7.9.2 allows attackers to perform a DLL hijacking attack and execute arbitrary code.
Learn more about our Web Application Penetration Testing UK.