CVE-2021-35448

Emote Interactive Remote Mouse 3.008 on Windows allows attackers to execute arbitrary programs as Administrator by using the Image Transfer Folder feature to navigate to cmd.exe. It binds to local ports to listen for incoming connections.

Summary:

Emote Interactive Remote Mouse 3.008 on Windows allows attackers to execute arbitrary programs as Administrator by using the Image Transfer Folder feature to navigate to cmd.exe. It binds to local ports to listen for incoming connections.

Reference Links(if available):

  • https://deathflash.ml/blog/remote-mouse-lpe
  • https://www.exploit-db.com/exploits/50047
  • CVSS Score (if available)

    v2: / HIGH

    v3: /

    Links to Exploits(if available)

  • https://github.com/offensive-security/exploitdb/blob/master/exploits/windows/local/50047.txt