CVE-2023-24205 Information

Description

Clash for Windows v0.20.12 was discovered to contain a remote code execution (RCE) vulnerability which is exploited via overwriting the configuration file (cfw-setting.yaml).

Reference

https://github.com/Fndroid/clash_for_windows_pkg https://github.com/Fndroid/clash_for_windows_pkg/issues/3891