CVE-2021-28130

Dr.Web Firewall 12.5.2.4160 on Windows incorrectly restricts applications signed by Dr.Web. A DLL for a custom payload within a legitimate binary (e.g., frwl_svc.exe) bypasses firewall filters.
References
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:drweb:security_space:12.5.2.4160:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

21 Nov 2024, 05:59

Type Values Removed Values Added
References () https://habr.com/ru/company/pm/blog/579328/ - Exploit, Third Party Advisory () https://habr.com/ru/company/pm/blog/579328/ - Exploit, Third Party Advisory
References () https://news.drweb.ru/show/?i=14180&lng=ru - Vendor Advisory () https://news.drweb.ru/show/?i=14180&lng=ru - Vendor Advisory

Information

Published : 2021-09-24 16:15

Updated : 2024-11-21 05:59


NVD link : CVE-2021-28130

Mitre link : CVE-2021-28130

CVE.ORG link : CVE-2021-28130


JSON object : View

Products Affected

drweb

  • security_space

microsoft

  • windows
CWE
CWE-427

Uncontrolled Search Path Element