tiagorlampert/CHAOS

tiagorlampert/CHAOS

Releases4

Frequency10 months 3 weeks

Last Release about 2 years ago

Stars2.81K

:fire: CHAOS is a free and open-source Remote Administration Tool that allow generate binaries to control remote operating systems.

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-33434 ↗	May 7, 2024Tuesday, 7 May 2024, 14:15	9.8 CRITICAL	—
An issue in tiagorlampert CHAOS v5.0.1 before 1b451cf62582295b7225caf5a7b506f0bad56f6b and 24c9e109b5be34df7b2bce8368eae669c481ed5e allows a remote attacker to execute arbitrary code via the unsafe concatenation of the `filename` argument into the `buildStr` string without any sanitization or filtering.
CVE-2024-31839 ↗	Apr 12, 2024Friday, 12 April 2024, 14:15	4.8 MEDIUM	—
Cross Site Scripting vulnerability in tiagorlampert CHAOS v.5.0.1 allows a remote attacker to escalate privileges via the sendCommandHandler function in the handler.go component.