I am using Setup Facotry 9.5.3.
Now found a security issue, that is:
when I run the application which built with Setup Facotry, it will create a folder to
C:\Users\%username%\AppData\Local\Temp\_ir_sf_temp _0 with admin privilege.
This will be leverated by hacker, they can create a symbol link to this folder.
you can check this link from github:
https://github.com/thezdi/PoC/tree/m...FilesystemEoPs
Can you please don't use admin to create that folder?
Now found a security issue, that is:
when I run the application which built with Setup Facotry, it will create a folder to
C:\Users\%username%\AppData\Local\Temp\_ir_sf_temp _0 with admin privilege.
This will be leverated by hacker, they can create a symbol link to this folder.
you can check this link from github:
https://github.com/thezdi/PoC/tree/m...FilesystemEoPs
Can you please don't use admin to create that folder?