DLL Hijacking Vulnerability in NoMachine v7.9.2: Arbitrary Code Execution via Incorrect Folder Permissions

CVE-2022-34043 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Incorrect permissions for the folder C:\ProgramData\NoMachine\var\uninstall of Nomachine v7.9.2 allows attackers to perform a DLL hijacking attack and execute arbitrary code.

Learn more about our Web Application Penetration Testing UK.