CVE-2024-48662
Description
A stored Cross-Site Scripting (XSS) vulnerability in AdGuard Application v.7.18.1 (4778) and earlier allows arbitrary code execution via a crafted payload to the fontMatrix component.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
Analysis
AdGuard Application v.7.18.1 (4778) and earlier contains a Cross-Site Scripting (XSS) vulnerability in the fontMatrix component. The vulnerability is caused by insufficient sanitization of user-supplied input, allowing an attacker to embed malicious JavaScript code via a crafted payload. This arises from improper handling of font matrix parameters, which are processed without adequate encoding or validation [1].
Exploitation
To exploit this vulnerability, an attacker must deliver a specially crafted payload to the fontMatrix component. The attack can be performed remotely without authentication, as the vulnerable component is accessible through the application's user interface. The attacker does not require a privileged network position; a crafted link or direct interaction with the application's functionality can trigger the payload [1].
Impact
Successful exploitation leads to arbitrary code execution in the context of the affected AdGuard application. This can result in session hijacking, data theft, or further compromise of the user's system depending on the capabilities of the executed script. The CVSS v3 base score of 6.1 (Medium) reflects the potential for significant impact but with some mitigating factors, such as the need for user interaction [1].
Mitigation
Users are advised to update to a patched version of AdGuard Application beyond v.7.18.1. The vendor has not yet released a specific fix at the time of publication; however, applying general security best practices, such as disabling JavaScript in embedded browsers or using content security policies, may reduce risk [1].
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products: 1
Patches: 0
No patches discovered yet.
References: 1
News mentions: 0
No linked articles in our index yet.