CVE-2025-4540

Опубликовано: 11 мая 2025

Источник: nvd

CVSS3: 7

CVSS2: 6

EPSS Низкий

Описание

A vulnerability was found in MTSoftware C-Lodop 6.6.1.1 on Windows. It has been rated as critical. This issue affects some unknown processing of the component CLodopPrintService. The manipulation leads to unquoted search path. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 6.6.13 is able to address this issue. It is recommended to upgrade the affected component.

Ссылки

https://0nightsedge0.github.io/2025/05/14/CVE-2025-4540-C-Lodop/
Exploit
Third Party Advisory
https://vuldb.com/?ctiid.308285
Permissions Required
VDB Entry
https://vuldb.com/?id.308285
Third Party Advisory
VDB Entry
https://vuldb.com/?submit.566789
Third Party Advisory
VDB Entry
https://vuldb.com/?submit.566789
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:lodop:c-lodop:6.6.1.1:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

EPSS

Процентиль: 5%

0.0002

Низкий

7 High

CVSS3

6 Medium

CVSS2

Дефекты

CWE-426

CWE-428

Связанные уязвимости

GHSA-5w6r-h2m8-3mxg

CVSS3: 7

github

9 месяцев назад

A vulnerability was found in MTSoftware C-Lodop 6.6.1.1. It has been rated as critical. This issue affects some unknown processing of the component CLodopPrintService. The manipulation leads to unquoted search path. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 6.6.13 is able to address this issue. It is recommended to upgrade the affected component.

EPSS

Процентиль: 5%

0.0002

Низкий

7 High

CVSS3

6 Medium

CVSS2

Дефекты

CWE-426

CWE-428