Raghavd3v/CRLFsuite

[SECURITY] Privilege escalation: Unquoted call to "crlfsuite-script.py"

ItsIgnacioPortal opened this issue · 1 comment

Please see the readme of this project: https://github.com/ItsIgnacioPortal/Improper-Quotes-Monitor

TL;DR: CRLFsuite is vulnerable to privilege escalation because it tries to access a file without quotation marks. More specifically, when I run crlfsuite --help, python tries to run:

C:\Program Files\Python39\python.exe C:\Program Files\Python39\Scripts\crlfsuite-script.py --help

but because the path was not quoted properly, it actually runs:

C:\Program.exe Files\Python39\python.exe C:\Program Files\Python39\Scripts\crlfsuite-script.py --help

This vulnerability isn't super serious because crlfsuite doesn't need to be run as Administrator at any point, and no "default" Windows configuration makes this exploitable. Old Windows versions (such as Windows 8.1) are still vulnerable though.
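The misparse described in the report follows from how Windows CreateProcess resolves an unquoted executable path: it splits the command line at each space and probes every prefix in turn (appending `.exe` when the prefix has no extension), so `C:\Program.exe` is tried before `C:\Program Files\Python39\python.exe`. The following is an added example, not code from CRLFsuite or from the Improper-Quotes-Monitor project, that lists those probe paths for a given executable, checks whether a command line quotes its executable, and builds a correctly quoted command line with Python's own `subprocess.list2cmdline` helper. The function names and the sample paths are constructed for this example.

```python
import subprocess


def shortcut_candidates(exe_path):
    """Return the file names CreateProcess would probe *before* exe_path when
    exe_path is the unquoted start of a command line.  Per the documented
    CreateProcessW behaviour, each space-delimited prefix is tried in order and
    '.exe' is appended when the prefix's last path component has no extension.
    Each returned path is a location a stray file could pre-empt the real binary.
    """
    parts = exe_path.split(" ")
    probes = []
    for i in range(1, len(parts)):  # every prefix shorter than the full path
        prefix = " ".join(parts[:i])
        last_component = prefix.rsplit("\\", 1)[-1]
        probes.append(prefix if "." in last_component else prefix + ".exe")
    return probes


def is_quoted_safely(cmdline, exe_path):
    """True when nothing can be misparsed: either the executable path has no
    spaces, or the command line starts with that path wrapped in double quotes."""
    if " " not in exe_path:
        return True
    return cmdline.startswith('"' + exe_path + '"')


def build_cmdline(exe_path, args):
    """Build a Windows command line with correct quoting.  list2cmdline is the
    helper Popen itself uses on Windows to turn an argument list into a string;
    it quotes any argument containing spaces, so the script path in the report
    is protected as well as the interpreter path."""
    return subprocess.list2cmdline([exe_path, *args])


if __name__ == "__main__":
    # Constructed sample based on the paths quoted in the report.
    python_exe = r"C:\Program Files\Python39\python.exe"
    script = r"C:\Program Files\Python39\Scripts\crlfsuite-script.py"
    unquoted = f"{python_exe} {script} --help"

    print("probed before the real interpreter:", shortcut_candidates(python_exe))
    print("unquoted line safe?", is_quoted_safely(unquoted, python_exe))
    fixed = build_cmdline(python_exe, [script, "--help"])
    print("fixed line:", fixed)
    print("fixed line safe?", is_quoted_safely(fixed, python_exe))
```

Run on the report's paths, `shortcut_candidates` returns only `C:\Program.exe`, which is exactly the file name the reporter shows being executed; the same function applied to the deeper example path from the CreateProcess documentation (`c:\program files\sub dir\program name`) yields three probe paths, matching the sequence Microsoft documents. The fix on the generating side (the pip-created wrapper) is simply to emit the quoted form that `build_cmdline` produces.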

Hi @ItsIgnacioPortal,
This issue doesn't need to be fixed due to its very low severity so we are closing this issue as wontfix.