PoC for arbitrary file delete/move in Razer Synapse 3 Macro module.

This module allows user to export created macros to file on disk and file operation is done via razer service that runs as nt authority\system.

I tried to report this to razer using their BB program and i got response that this is not a bug but an exploit 🤣.

I have then reported it to HackerOne and that report is closed as Informative due to age of report.

Affected versions are 3.7.1209.121307 and below.

Arbitrary Delete

Arbitrary Move