CNNVD-202510-1121 Information

CNNVD ID

CNNVD-202510-1121

Related CVE

CVE-2017-20202

• CNNVD Published: 2025-10-08

Description (Chinese)

Web Developer for Chrome是Chris Pederick个人开发者的一个浏览器开发者扩展。 Web Developer for Chrome 0.4.9版本存在安全漏洞，该漏洞源于恶意代码通过DGA生成域名并获取远程脚本，可能导致用户级代码执行、大规模广告欺诈、流量劫持和凭据窃取。

Description (English)

Web Development for Crome is an extension of a browser developer for Chris Pederick personal developer. There is a security loophole in Web Devloper for Crope version 0.4.9, which stems from the generation of domain names through DGA and the acquisition of remote scripts, which can lead to user-level code enforcement, large-scale advertising fraud, traffic hijacking and document theft.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-10-08

Last Modified

2026-02-24

References

https://www.proofpoint.com/us/threat-insight/post/threat-actor-goes-chrome-extension-hijacking-spree https://www.vulncheck.com/advisories/web-developer-for-chrome-malicious-backdoor-supply-chain-compromise https://gist.github.com/piedpiperRichard/076516da60f45842f1a6e6ae35a9a240/ https://chromewebstore.google.com/detail/web-developer/bfbameneiokkgbdmiekhjnmfkcnldhhm?pli=1 https://ui.vision/blog/chrome-extension-adware/ https://chrispederick.com/blog/web-developer-for-chrome-compromised/ https://web.archive.org/web/20170803163618/ https://access.redhat.com/security/cve/cve-2017-20202