exploitDog

CVE-2022-50933

Опубликовано: 13 янв. 2026

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

Cain & Abel 4.9.56 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted binary path to inject malicious executables that will be launched with LocalSystem permissions.

Ссылки

https://www.exploit-db.com/exploits/50728
Exploit
https://www.malavida.com/en/soft/cain-and-abel
Broken Link
https://www.vulncheck.com/advisories/cain-abel-unquoted-service-path
Third Party Advisory
https://www.exploit-db.com/exploits/50728
Exploit

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:malavida:cain_\&_abel:4.9.56:*:*:*:*:*:*:*

EPSS

Процентиль: 1%

0.00011

Низкий

7.8 High

CVSS3

Дефекты

CWE-428

Связанные уязвимости

GHSA-752g-596j-f4g5

CVSS3: 8.4

github

25 дней назад

Cain & Abel 4.9.56 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted binary path to inject malicious executables that will be launched with LocalSystem permissions.

EPSS

Процентиль: 1%

0.00011

Низкий

7.8 High

CVSS3

Дефекты

CWE-428