CVE-2022-40126

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
29/09/2022
Last modified:
21/05/2025

Description

A misconfiguration in the Service Mode profile directory of Clash for Windows v0.19.9 allows attackers to escalate privileges and execute arbitrary commands when Service Mode is activated.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:clash_project:clash:0.19.9:*:*:*:*:windows:*:*