Reenignearcher

Name of the Vulnerable Software and Affected Versions: Sunshine versions prior to 2025.628.4510 Description: The issue concerns a lack of protection against clickjacking attacks in the web interface of Sunshine, a self-hosted game stream host for Moonlight. This allows an attacker to embed the Sunshine interface within a malicious website using an invisible or disguised iframe. If a user is tricked into interacting with the malicious page while authenticated, they may unknowingly perform actions within the Sunshine application without their consent. Recommendations: For versions prior to 2025.628.4510, update to version 2025.628.4510 to resolve the issue. As a temporary workaround, consider restricting access to the web UI of Sunshine to minimize the risk of exploitation. Avoid using the Sunshine web interface on untrusted devices or networks until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Sunshine versions 0.17.0 through 0.22.2 **Description** Sunshine is a self-hosted game stream host for Moonlight. Users who ran Sunshine as a service on Windows may be impacted when terminating the service if an attacker placed a file named `C:Program.exe`, `C:Program.bat`, or `C:Program.cmd` on the user's computer. This attack vector isn't exploitable unless the user has manually loosened ACLs on the system drive. If the user's system locale is not English, then the name of the executable will likely vary. **Recommendations** For versions 0.17.0 through 0.22.2, update to version 0.23.0 to resolve the issue. As a temporary workaround, consider using application control tools, like Windows Defender Application Control, AppLocker, or Software Restriction Policies, to identify and block potentially malicious software executed path interception. Alternatively, ensure that proper permissions and directory access control are set to deny users the ability to write files to the top-level directory `C:` and require that all executables be placed in write-protected directories.