DLL Hijacking | writeups.xyz

Title	Vulnerabilities	Programs	Authors
KnowBe4 RCE and LPE	RCE Local Privilege Escalation DLL Hijacking	KnowBe4	Ceri Coburn
I hacked a card printer software (CVE-2024-34329)	Local Privilege Escalation DLL Hijacking Windows	Entrust	P0pcycle
Cache Me If You Can: Local Privilege Escalation in Zscaler Client Connector (CVE-2023-41973)	Path Traversal Authentication Bypass Arbitrary File Delete DLL Hijacking Local Privilege Escalation Windows	Zscaler	Eugene Lim (@Spaceraccoonsec) Winston Ho
Poppin shells with Okta Verify on Windows	RCE DLL Hijacking Local Privilege Escalation	Okta	B0yd (@Rwincey)
Technical Advisory: Vulnerabilities Identified within ListServ	CSRF Samesite Cookie Bypass Reflected XSS Stored XSS Unrestricted File Upload DLL Hijacking Local Privilege Escalation Buffer Overflow Memory Corruption	ListServ	Adam Crosser
Getting SYSTEM on Windows in style	RCE Local Privilege Escalation TOCTOU DLL Hijacking	Microsoft (Windows)	Sector 7 (@Sector7_nl)
CVE-2023-38146: Arbitrary Code Execution via Windows Themes	RCE TOCTOU DLL Hijacking	Microsoft (Windows)	Gabe_k
Escalating Privileges via Third-Party Windows Installers	Local Privilege Escalation DLL Hijacking	Atera	Andrew Oliveau (@AndrewOliveau)
Lenovo Update Your Privileges	Local Privilege Escalation DLL Hijacking Windows	Lenovo	Raphael Rosenast
Netskope Client Service Local Privilege Escalation	Local Privilege Escalation DLL Hijacking Zip Slip Attack	Netskope	Jean-Jamil Khalife
DLL Hijacking – Finding Vulnerabilities In pestudio 9.52	DLL Hijacking Local Privilege Escalation	Pestudio	Matei Josephs
DLL Hijacking Strikes Back: Exploiting Windows on ARM RDP Client (CVE-2023-24905)	DLL Hijacking Local Privilege Escalation	Microsoft (Windows)	Dor Dali
CS:GO: From Zero to 0-day	Game Hacking RCE Memory Corruption Arbitrary File Download Arbitrary File Write DLL Hijacking Privilege Escalation	Valve (CS:GO)	Felipe Alain
Dynamic Linking Injection and LOLBAS Fun	DLL Hijacking Dynamic-Linking Injection Local Privilege Escalation	Undisclosed	Joseph Henry
LPE via StorSvc	Local Privilege Escalation DLL Hijacking	Microsoft (Windows)	Antón Ortigueira (@Antuache) Kurosh Dabbagh (@_Kudaes_)
CVE-2022-32223 Discovery: DLL Hijacking via npm CLI	DLL Hijacking Privilege Escalation	Node.js	Yakir Kadkoda
Microsoft Azure Site Recovery DLL Hijacking	DLL Hijacking Privilege Escalation	Microsoft	Jimi Sebree (@DinoBytes)

Page 1 of 1