exploitDog

GHSA-qrgv-vwfh-8wq2

Опубликовано: 09 дек. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 8.4

CVSS3: 6.7

Описание

Clone for Windows provided by ELECOM CO.,LTD. registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege.

Clone for Windows provided by ELECOM CO.,LTD. registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege.

Ссылки

EPSS

Процентиль: 5%

0.00021

Низкий

8.4 High

CVSS4

6.7 Medium

CVSS3

CVE ID

Дефекты

CWE-428

Связанные уязвимости

CVE-2025-66271

CVSS3: 6.7

nvd

2 месяца назад

Clone for Windows provided by ELECOM CO.,LTD. registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege.

EPSS

Процентиль: 5%

0.00021

Низкий

8.4 High

CVSS4

6.7 Medium

CVSS3

CVE ID

Дефекты

CWE-428