Giters

scopion / CVE-2022-26629

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Lock Screen Bypass

CVE-2022-26629

Affected Products

  • SoroushPlus+ Messenger 1.0.30

Vulnerability Type

Improper Access Control

Impact

Lock Screen Bypass

Summary

Improper handling of insufficient permissions and privileges allows an attacker to modify and overwrite the lock screen functionality causing it to be bypassed without any authorization.

Exploitation

BypassLockScreen.py

Auto Exploit PoC

  1. Drop BypassLockScreen.py to the your SoroushPlus+ installation directory,
  2. Run Python3 BypassLockScreen.py.

Tested Environments

  • Windows
  • Linux

Demo

PoC.gif

About

Languages

Language:Python 100.0%