exploitDog

CVE-2021-47780

Опубликовано: 16 янв. 2026

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

Macro Expert 4.7 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the improperly configured service path to inject malicious executables that will be run with LocalSystem permissions during service startup.

Ссылки

http://www.macro-expert.com/
Product
https://www.exploit-db.com/exploits/50431
Exploit
Third Party Advisory
https://www.vulncheck.com/advisories/macro-expert-unquoted-service-path
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:macro-expert:macro_expert:4.7:*:*:*:*:*:*:*

EPSS

Процентиль: 1%

0.00011

Низкий

7.8 High

CVSS3

Дефекты

CWE-428

Связанные уязвимости

GHSA-mq6j-m5v8-2rmr

CVSS3: 7.8

github

23 дня назад

Macro Expert 4.7 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the improperly configured service path to inject malicious executables that will be run with LocalSystem permissions during service startup.

EPSS

Процентиль: 1%

0.00011

Низкий

7.8 High

CVSS3

Дефекты

CWE-428