Описание
Shrew Soft VPN Client 2.2.2 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated system privileges. Attackers can place malicious executables in the unquoted service path to gain elevated access during service startup or system reboot.
EPSS
Процентиль: 1%
0.00012
Низкий
7.8 High
CVSS3
Дефекты
CWE-428
Связанные уязвимости
CVSS3: 7.8
debian
3 дня назад
Shrew Soft VPN Client 2.2.2 contains an unquoted service path vulnerab ...
CVSS3: 7.8
github
3 дня назад
Shrew Soft VPN Client 2.2.2 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated system privileges. Attackers can place malicious executables in the unquoted service path to gain elevated access during service startup or system reboot.
EPSS
Процентиль: 1%
0.00012
Низкий
7.8 High
CVSS3
Дефекты
CWE-428