PoC for arbitrary file delete/move in Razer Synapse 3 Macro module.
This module allows user to export created macros to file on disk and file operation is done via razer service that runs as nt authority\system.
I tried to report this to razer using their BB program and i got response that this is not a bug but an exploit š¤£.
I have then reported it to HackerOne and that report is closed as Informative due to age of report.
Affected versions are 3.7.1209.121307 and below.
Arbitrary Delete
video.mp4
Arbitrary Move