VYPR

Fiddler

by Telerik

CVEs (2)

  • CVE-2020-13661Nov 5, 2020
    risk 0.00cvss epss 0.01

    Telerik Fiddler through 5.0.20202.18177 allows attackers to execute arbitrary programs via a hostname with a trailing space character, followed by --utility-and-browser --utility-cmd-prefix= and the pathname of a locally installed program. The victim must interactively choose…

  • CVE-2019-12097Jun 3, 2019
    risk 0.00cvss epss 0.01

    Telerik Fiddler v5.0.20182.28034 doesn't verify the hash of EnableLoopback.exe before running it, which could lead to code execution or local privilege escalation by replacing the original EnableLoopback.exe.