Vulnerability Details CVE-2022-40126
A misconfiguration in the Service Mode profile directory of Clash for Windows v0.19.9 allows attackers to escalate privileges and execute arbitrary commands when Service Mode is activated.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 22.8%
CVSS Severity
CVSS v3 Score 7.8
References
Products affected by CVE-2022-40126
-
cpe:2.3:a:clash_project:clash:0.19.9