Author

Topic: Warning! Exodus RCE (Remote Code Execution) [Safe links] (Read 96 times)

member
Activity: 134
Merit: 10
I don't know if this has been mentioned before in the forums, but take when browsing the web with your Exodus Wallet open. The last version seems to be patched, hence it doesn't seem to be vulnerable.

Here's a safe to try proof of concept of the security flaw:




You can save that as HTML if you desire and see how Exodus process the request. Here's also 2 links to exploit-db for more information about the RCE:

- https://www.exploit-db.com/exploits/44357/
- https://www.exploit-db.com/exploits/43899/

Merit is welcome. Safe browsing!
Chris,
Jump to: