Описание
Unquoted Windows search path vulnerability in the ptservice service prior to PrivateTunnel version 3.0 (Windows) and OpenVPN Connect version 3.1 (Windows) allows local users to gain privileges via a crafted program.exe file in the %SYSTEMDRIVE% folder.
Комментарий
Ссылки
- Broken Link
- Exploit
- Exploit
- Exploit
- Third Party Advisory
- Broken Link
- Exploit
- Exploit
- Exploit
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:openvpn:openvpn:2.1.28.0:*:*:*:*:*:*:*
cpe:2.3:a:privatetunnel:privatetunnel:2.3.8:*:*:*:*:*:*:*
EPSS
Процентиль: 69%
0.00637
Низкий
6.9 Medium
CVSS2
Дефекты
CWE-428
Связанные уязвимости
github
около 3 лет назад
Unquoted Windows search path vulnerability in the ptservice service prior to PrivateTunnel version 3.0 (Windows) and OpenVPN Connect version 3.1 (Windows) allows local users to gain privileges via a crafted program.exe file in the %SYSTEMDRIVE% folder.
EPSS
Процентиль: 69%
0.00637
Низкий
6.9 Medium
CVSS2
Дефекты
CWE-428