Rce in Visual Studio Codes Remote Wsl for Fun and Negative Profit
Rce in Visual Studio Codes Remote Wsl for Fun and Negative Profit
Published
The Visual Studio Code server in Windows Subsystem for Linux uses a local WebSocket WebSocket connection to communicate with the Remote WSL extension. JavaScript in websites can connect to this server and execute arbitrary commands on the target system. Assigned CVE-2021-43907 and -5 USD bounty (the cost of the EC2 machine to host the proof-of-concept).
It’s really funny that PlayStation paid 15K USD for almost the same bug with 2.2 million subscribers (it was out of scope in their program, too), but MSFT doesn’t pay for an official extension with more than 10 million installs (obviously, not every install is unique) for one of their most popular products. But you are not here to listen to my rants. So, read on.
- Read Full Article Rce in Visual Studio Codes Remote Wsl for Fun and Negative Profit