CVE-2025-61871
NAS Navigator2 for Windows (BUFFALO INC.) is affected by an unquoted service path issue (CWE-428) that allows a user with write access to the system drive root to execute arbitrary code with SYSTEM privileges. The root cause is an unquoted file path used when registering a Windows service. Docume...