LinkedIn messenger is one of the mostly used platform which helps to professional to Share their skills, Messenger easily send resumes, transfer academic research and share job descriptions from the LinkedIn community.
The security flow that was implemented on LinkedIn messenger which checks the behaviour of attached files before sending or uploading, was can be bypassed just by changing the extension name of malicious file.
How Vulnerability Works?
According to the checkpoint research, attacker can easily upload the malicious PowerShell script into the LinkedIn messenger just by changing its extension to
This Vulnerability Allows to Attacker upload any Malicious file into LinkedIn messenger by Modifying the file Extension of the Malicious file.
Below is the POC image of the POST request made to the server while uploading a malicious file.
so Finally Malicious File will be successfully uploaded without detecting by the LinkedIn security restrictions and once Victims click the file then it will be triggered and successfully infect the victim’s Machine.