exploitDog

GHSA-w8c5-v27m-v5ch

Опубликовано: 14 апр. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

Diasoft File Replication Pro 7.5.0 allows attackers to escalate privileges by replacing a legitimate file with a Trojan horse that will be executed as LocalSystem. This occurs because %ProgramFiles%\FileReplicationPro allows Everyone:(F) access.

Diasoft File Replication Pro 7.5.0 allows attackers to escalate privileges by replacing a legitimate file with a Trojan horse that will be executed as LocalSystem. This occurs because %ProgramFiles%\FileReplicationPro allows Everyone:(F) access.

Ссылки

EPSS

Процентиль: 85%

0.02407

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-276

Связанные уязвимости

CVE-2023-26918

CVSS3: 9.8

nvd

почти 3 года назад

Diasoft File Replication Pro 7.5.0 allows attackers to escalate privileges by replacing a legitimate file with a Trojan horse that will be executed as LocalSystem. This occurs because %ProgramFiles%\FileReplicationPro allows Everyone:(F) access.

EPSS

Процентиль: 85%

0.02407

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-276