Critical severity9.8NVD Advisory· Published Feb 23, 2023· Updated Jun 17, 2026
CVE-2023-24205
CVE-2023-24205
Description
Clash for Windows v0.20.12 was discovered to contain a remote code execution (RCE) vulnerability which is exploited via overwriting the configuration file (cfw-setting.yaml).
Affected products
2- Clash for Windows/Clash for Windowsdescription
- Range: =0.20.12
Patches
Vulnerability mechanics
References
1- github.com/Fndroid/clash_for_windows_pkg/issues/3891nvdExploitIssue Tracking
News mentions
0No linked articles in our index yet.