ГлавнаяУязвимости → CVE-2019-25305
7.8высокая

CVE-2019-25305

Описание

JumpStart 0.6.0.0 contains an unquoted service path vulnerability in the jswpbapi service running with LocalSystem privileges. Attackers can exploit the unquoted path containing spaces to inject and execute malicious code with elevated system permissions.

CVSS
Балл7.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://www.exploit-db.com/exploits/47549https://www.inforprograma.net/https://www.vulncheck.com/advisories/jumpstart-jswpbapi-unquoted-service-path