Exploiting Electron RCE in Exodus wallet

While browsing Twitter I’ve noticed ElectronJS remote code execution vulnerability in protocol handler. That sounds severe. As stated in official description, for application to be vulnerable is enough to register itself as default handler for some protocol. I had one application based on Electron installed on my laptop that I was looking into some time ago — Exodus cryptocurrencies wallet. I knew

[Quramy]

electron >= 1.7.0,< 1.7.11 の脆弱性について。Protocol Handlerを経由して、URLにコマンドを埋め込めてしまう、という話。XSSと組み合わせるとヤバいってことかな？

[amagitakayosi]

先日のElectronの脆弱性の解説