Exploit for CVE-2024-36138

  1. Home
  2. Uncategorized
  3. Exploit for CVE-2024-36138

Exploit for CVE-2024-36138

Bypass incomplete fix of CVE-2024-27980, that arises from improper handling of batch files with all possible extensions on Windows via child_process.spawn / child_process.spawnSync. A malicious command line argument can inject arbitrary commands and achieve code execution even if the shell option is not enabled.

Published: 2024-09-07

CVSS: 8.1

CVSS Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Download Exploit for CVE-2024-36138 here:

Use Tor Browser to access .onion links.

Check our team here:

https://wednesfieldacademy.com/exploit-593-cve-2013-2465/

https://wednesfieldacademy.com/exploit-956-cve-2023-41266/

https://wednesfieldacademy.com/exploit-125-cve-2025-32701/

Latest News

Follow us on Social Media

Popular Pages

Contact Info

Wednesfield Academy
Lichfield Road
Wednesfield, Wolverhampton
West Midlands
WV11 3ES

T: 01902 558 222

postbox@wednesfieldacademy.co.uk

Monday - Thursday: 8:00 am - 4:00 pm
Friday: 8:00 am - 3:30 pm

Copyright 2026 © All Rights Reserved

 Privacy Notice

CEOP-1

Loading