: It leaks thread handles during application restarts, which can lead to resource exhaustion over time. NSSM - the Non-Sucking Service Manager Malicious Use by Threat Actors
The NSSM-2.24 exploit is a critical vulnerability that allows attackers to execute arbitrary code on vulnerable systems. The vulnerability exists due to improper validation of input parameters in the NSSM service, which enables an attacker to inject malicious code and gain elevated privileges. nssm-2.24 exploit
The version 2.24 of NSSM, in particular, introduced several new features and improvements, including enhanced error handling, improved service monitoring, and better support for Windows 10 and Windows Server 2016. : It leaks thread handles during application restarts,
# Load the malicious configuration file using NSSM nssm_path = "C:\\path\\to\\nssm.exe" subprocess.run([nssm_path, "start", "inet", config_file], check=True) introduced several new features and improvements