exploitDog

CVE-2023-53947

Опубликовано: 19 дек. 2025

Источник: nvd

CVSS3: 8.4

EPSS Низкий

Описание

OCS Inventory NG 2.3.0.0 contains an unquoted service path vulnerability that allows local attackers to escalate privileges to system level. Attackers can place a malicious executable in the unquoted service path and trigger the service restart to execute code with elevated system privileges.

Ссылки

EPSS

Процентиль: 3%

0.00015

Низкий

8.4 High

CVSS3

Дефекты

CWE-428

Связанные уязвимости

GHSA-qhww-qrj4-8v34

CVSS3: 8.4

github

около 2 месяцев назад

OCS Inventory NG 2.3.0.0 contains an unquoted service path vulnerability that allows local attackers to escalate privileges to system level. Attackers can place a malicious executable in the unquoted service path and trigger the service restart to execute code with elevated system privileges.

EPSS

Процентиль: 3%

0.00015

Низкий

8.4 High

CVSS3

Дефекты

CWE-428