10 matches found
EUVD-2020-30898
Input Director 1.4.3 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted path during system startup or reboot to inject and run malicious executables with...
CVE-2020-36985
IP Watcher 3.0.0.30 is affected by an unquoted service path vulnerability in its Windows service PACService.exe; the underlying issue is an unquoted binary path that allows local attackers to inject executables and run with elevated LocalSystem privileges at service startup. Documents confirm the...
CVE-2020-36979
CVE-2020-36979 affects Atheros Coex Service Application 8.0.0.255. The vulnerability is an unquoted service path in the Windows service configuration, which could allow a local attacker to place a malicious executable in the service path and gain elevated privileges during service startup. The av...
EUVD-2026-4638
Magic Mouse 2 Utilities 2.20 contains an unquoted service path vulnerability in its Windows service configuration. Attackers can exploit the unquoted path to inject malicious executables and gain elevated system privileges by placing a malicious file in the service path...
CVE-2021-47882 FreeLAN 2.2 - 'FreeLAN Service' Unquoted Service Path
FreeLAN 2.2 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be launched with elevated LocalSystem privileges during...
CVE-2021-47828
BOOTP Turbo 2.0.0.1253 contains an unquoted service path vulnerability in its Windows service configuration. Attackers can exploit the unquoted path to execute arbitrary code with elevated LocalSystem privileges during system startup or reboot...
CVE-2021-47809 Disk Sorter Enterprise 13.6.12 - 'Disk Sorter Enterprise' Unquoted Service Path
Disk Sorter Enterprise 13.6.12 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Disk Sorter Enterprise\bin\disksrs.exe' to inject...
Selea CarPlateServer 代码问题漏洞
Selea CarPlateServer is a license plate recognition software from the Italian company Selea. A code issue vulnerability exists in Selea CarPlateServer version 4.0.1.6, which stems from the presence of unquoted service paths in the Windows service configuration, which could lead to code execution...
CVE-2024-0949 Improper Access Control in Talya Informatics' Elektraweb
Missing Authentication, Files or Directories Accessible to External Parties, Use of Hard-coded Credentials vulnerability in Talya Informatics Elektraweb allows Authentication Bypass. This issue affects Elektraweb: before v17.0.68...
CVE-2024-0949 Improper Access Control in Talya Informatics' Elektraweb
Missing Authentication, Files or Directories Accessible to External Parties, Use of Hard-coded Credentials vulnerability in Talya Informatics Elektraweb allows Authentication Bypass. This issue affects Elektraweb: before v17.0.68...