Articles
12
Tags
21
Categories
6
Home
Tags
Categories
Link
Edges
CNNVD-2025-26975123
Home
Tags
Categories
Link
CNNVD-2025-26975123
Created
2025-05-15
|
Updated
2025-08-17
|
CVE
|
Post Views:
Hey, password is required here.
Author:
Nightsedge
Link:
https://0nightsedge0.github.io/2025/05/15/2025-May-1-Temp-Vuln-Report/
Copyright Notice:
All articles on this blog are licensed under
CC BY-NC-SA 4.0
unless otherwise stated.
CVE
With_Chinese_Content
Previous
CVE-2025-4540 - C-Lodop CLodopPrintService unquoted search path
Found a simple vulnerability on a print service
Next
MDE Advanced Hunting KQL Process Tree
Little Experience in MDE Advanced Hunting KQL to Create Process Tree
Related Articles
2025-05-14
CVE-2025-4540 - C-Lodop CLodopPrintService unquoted search path
Found a simple vulnerability on a print service
2025-01-12
CVE-2024-9950-Forescout-SecureConnector
Found the vulnerability but i am too late to report it...sad
Nightsedge
Half is worse than None at All.
Articles
12
Tags
21
Categories
6
Contents
1.
CNNVD-2025-26975123
2.
EN
2.1.
Info
2.2.
Detail
2.3.
Testing Steps
2.3.0.1.
1. Checking the permission of the DingTalk folder is granted to “Users” with Full control after installation
2.3.0.2.
2. Create a simple DLL file called PROPSYS.dll to execute my code (just the DLL main with attach thread/process)
2.3.0.3.
3. Copy this DLL file to C:\Program Files (x86)\DingDing
2.3.0.4.
4. Execute the DingtalkLauncher.exe to hijack the execution flow and run the message prompt
2.4.
PoC
2.5.
Root Cause
2.6.
Official Solution
2.7.
Remediation
2.8.
WorkAround
2.9.
Timeline
2.10.
Epilogue
3.
中文
3.1.
基本資料
3.2.
詳細資料
3.3.
測試步驟
3.3.0.1.
1. DingTalk安裝完成後檢查釘釘資料夾的權限是否授予用戶完全控制
3.3.0.2.
2. 建立一個名為PROPSYS.dll的簡單 DLL 檔案來執行我的程式碼
3.3.0.3.
3. 將此 DLL 檔案複製到 C:\Program Files (x86)\DingDing
3.3.0.4.
4. 執行DingtalkLauncher.exe劫持執行流程,執行訊息彈窗
3.4.
PoC
3.5.
根源問題
3.6.
官方解決方案
3.7.
補救措施
3.8.
變通辦法
3.9.
時間線
3.10.
後記
Recent Posts
HKIRC 2025 CTF (網絡攻防精英培訓暨攻防大賽 2025) 後感
2025-08-17
MDE Advanced Hunting KQL Process Tree
2025-08-12
CNNVD-2025-26975123
2025-05-15
