Privilege Escalation Affecting the cloudflared package, versions <2020.8.1

  • published: 25 May 2021
  • disclosed: 24 May 2021

How to fix?

Upgrade to version 2020.8.1 or higher.

Overview

cloudflared is an Argo Tunnel client.

Affected versions of this package are vulnerable to Privilege Escalation. On Windows, if an administrator has set cloudflared to read configuration files from a certain directory, an unprivileged user can exploit a misconfiguration to escalate privileges and execute system-level commands. The misconfiguration stems from the way cloudflared reads its configuration file: one of the locations it reads from (C:\etc\) is not secure by default, because Windows does not enforce access controls on this directory unless further controls are applied. As a result, a malformed config.yaml file can be written by any user.
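
A defender's check for the condition described above, as an added PowerShell example (not code from cloudflared or from this advisory): it lists principals outside a trusted set that own, or hold write access to, C:\etc and config.yaml. The function name Get-UntrustedWriter and the trusted-SID list are assumptions for illustration; adjust the list to your environment.

```powershell
# Added example, not cloudflared or advisory code. Paths come from the advisory text.
# Assumption: only these well-known SIDs should be able to modify the config location.
$Trusted = @(
    'S-1-5-18',      # NT AUTHORITY\SYSTEM
    'S-1-5-32-544',  # BUILTIN\Administrators
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'  # TrustedInstaller
)
$SidType = [System.Security.Principal.SecurityIdentifier]
$Rights  = [System.Security.AccessControl.FileSystemRights]
$Inherit = [System.Security.AccessControl.PropagationFlags]::InheritOnly

# Specific write/delete/ACL-change bits, plus GENERIC_WRITE and GENERIC_ALL.
$WriteMask = ([int]$Rights::WriteData) -bor ([int]$Rights::AppendData) -bor
             ([int]$Rights::Delete) -bor ([int]$Rights::DeleteSubdirectoriesAndFiles) -bor
             ([int]$Rights::ChangePermissions) -bor ([int]$Rights::TakeOwnership) -bor
             0x40000000 -bor 0x10000000

function Get-UntrustedWriter {
    param([Parameter(Mandatory)][string]$Path)

    # If the path is absent, audit the nearest existing parent: whoever can
    # create entries there can create the missing directory or file.
    $target = $Path
    while ($target -and -not (Test-Path -LiteralPath $target)) {
        $target = Split-Path -Path $target -Parent
    }
    if (-not $target) { return }
    $acl = Get-Acl -LiteralPath $target

    # An untrusted owner can rewrite the ACL regardless of its current entries.
    if ($acl.GetOwner($SidType).Value -notin $Trusted) {
        [pscustomobject]@{ Path = $target; Identity = $acl.Owner; Finding = 'owner' }
    }
    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        # Inherit-only entries apply to children, not to this object itself.
        if ($ace.PropagationFlags.HasFlag($Inherit)) { continue }
        if (-not (([int]$ace.FileSystemRights) -band $WriteMask)) { continue }
        if ($ace.IdentityReference.Translate($SidType).Value -notin $Trusted) {
            [pscustomobject]@{ Path = $target; Identity = $ace.IdentityReference.Value
                               Finding = "write access: $($ace.FileSystemRights)" }
        }
    }
}

'C:\etc', 'C:\etc\config.yaml' | ForEach-Object { Get-UntrustedWriter -Path $_ } |
    Sort-Object Path, Identity, Finding -Unique | Format-Table -AutoSize
```

Any row in the output names a principal that could place or alter config.yaml; an empty result means only the trusted SIDs can write to the audited paths.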