Back to CVE List

CVE-2021-47886

HIGH SEVERITY

CVSS Score & Metrics

Base Score
7.8 / 10
Vector String
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vulnerability Description

Pingzapper 2.3.1 contains an unquoted service path vulnerability in the PingzapperSvc service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files (x86)\Pingzapper\PZService.exe' to inject malicious executables and escalate privileges.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-428
Source
NVD
Vendor
Fyrolabs LLC.
Product
Pingzapper

External References

Discussion (0)

Add Comment

No comments yet. Be the first!