exploitDog

GHSA-2gr9-gwrg-jc3v

Опубликовано: 29 янв. 2026

Источник: github

Github: Не прошло ревью

CVSS4: 8.5

CVSS3: 7.8

Описание

10-Strike Bandwidth Monitor 3.9 contains an unquoted service path vulnerability in multiple services that allows local attackers to escalate privileges. Attackers can place a malicious executable in specific file path locations to achieve privilege escalation to SYSTEM during service startup.

10-Strike Bandwidth Monitor 3.9 contains an unquoted service path vulnerability in multiple services that allows local attackers to escalate privileges. Attackers can place a malicious executable in specific file path locations to achieve privilege escalation to SYSTEM during service startup.

Ссылки

EPSS

Процентиль: 2%

0.00013

Низкий

8.5 High

CVSS4

7.8 High

CVSS3

CVE ID

Дефекты

CWE-428

Связанные уязвимости

CVE-2020-37021

CVSS3: 7.8

nvd

10 дней назад

10-Strike Bandwidth Monitor 3.9 contains an unquoted service path vulnerability in multiple services that allows local attackers to escalate privileges. Attackers can place a malicious executable in specific file path locations to achieve privilege escalation to SYSTEM during service startup.

EPSS

Процентиль: 2%

0.00013

Низкий

8.5 High

CVSS4

7.8 High

CVSS3

CVE ID

Дефекты

CWE-428