CWE-428
AllowedUnquoted Search Path or Element
Abstraction: Base · Status: Draft
The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.
761 vulnerabilities reference this CWE, most recent first.
CVE-2024-58288 (GCVE-0-2024-58288)
Vulnerability from cvelistv5 – Published: 2025-12-11 21:33 – Updated: 2025-12-18 19:39- CWE-428 - Unquoted Search Path or Element
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/52065 | exploit |
| https://www.genexus.com/es/ | product |
| https://www.genexus.com/en/developers/downloadcen… | product |
| https://www.vulncheck.com/advisories/genexus-prot… | third-party-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Genexus | Genexus Protection Server |
Affected:
9.7.2.10
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-58288",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-18T19:39:23.224695Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-18T19:39:32.649Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Genexus Protection Server",
"vendor": "Genexus",
"versions": [
{
"status": "affected",
"version": "9.7.2.10"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "SamAlucard, Sam Alucard"
}
],
"datePublic": "2024-07-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eGenexus Protection Server 9.7.2.10 contains an unquoted service path vulnerability in the protsrvservice Windows service configuration. Attackers can exploit the unquoted binary path to execute arbitrary code with elevated LocalSystem privileges by placing malicious executables in specific file system locations.\u003c/p\u003e"
}
],
"value": "Genexus Protection Server 9.7.2.10 contains an unquoted service path vulnerability in the protsrvservice Windows service configuration. Attackers can exploit the unquoted binary path to execute arbitrary code with elevated LocalSystem privileges by placing malicious executables in specific file system locations."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-428",
"description": "CWE-428: Unquoted Search Path or Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-11T21:33:58.572Z",
"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"shortName": "VulnCheck"
},
"references": [
{
"name": "ExploitDB-52065",
"tags": [
"exploit"
],
"url": "https://www.exploit-db.com/exploits/52065"
},
{
"name": "Official Genexus Homepage",
"tags": [
"product"
],
"url": "https://www.genexus.com/es/"
},
{
"name": "Genexus Software Download Center",
"tags": [
"product"
],
"url": "https://www.genexus.com/en/developers/downloadcenter?data=;;"
},
{
"name": "VulnCheck Advisory: Genexus Protection Server 9.7.2.10 Unquoted Service Path Privilege Escalation",
"tags": [
"third-party-advisory"
],
"url": "https://www.vulncheck.com/advisories/genexus-protection-server-unquoted-service-path-privilege-escalation"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Genexus Protection Server 9.7.2.10 Unquoted Service Path Privilege Escalation",
"x_generator": {
"engine": "vulncheck"
}
}
},
"cveMetadata": {
"assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
"assignerShortName": "VulnCheck",
"cveId": "CVE-2024-58288",
"datePublished": "2025-12-11T21:33:58.572Z",
"dateReserved": "2025-12-10T23:46:14.009Z",
"dateUpdated": "2025-12-18T19:39:32.649Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-43457 (GCVE-0-2024-43457)
Vulnerability from cvelistv5 – Published: 2024-09-10 16:54 – Updated: 2024-12-31 23:03- CWE-428 - Unquoted Search Path or Element
| URL | Tags |
|---|---|
| https://msrc.microsoft.com/update-guide/vulnerabi… | vendor-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Microsoft | Windows 11 Version 24H2 |
Affected:
10.0.26100.0 , < 10.0.26100.1742
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43457",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T18:16:21.797855Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T18:28:17.672Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"ARM64-based Systems",
"x64-based Systems"
],
"product": "Windows 11 Version 24H2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "10.0.26100.1742",
"status": "affected",
"version": "10.0.26100.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_11_24H2:*:*:*:*:*:*:arm64:*",
"versionEndExcluding": "10.0.26100.1742",
"versionStartIncluding": "10.0.26100.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2024-09-10T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Windows Setup and Deployment Elevation of Privilege Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-428",
"description": "CWE-428: Unquoted Search Path or Element",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-31T23:03:18.698Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Windows Setup and Deployment Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43457"
}
],
"title": "Windows Setup and Deployment Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2024-43457",
"datePublished": "2024-09-10T16:54:13.203Z",
"dateReserved": "2024-08-14T01:08:33.515Z",
"dateUpdated": "2024-12-31T23:03:18.698Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-36321 (GCVE-0-2024-36321)
Vulnerability from cvelistv5 – Published: 2025-05-13 17:05 – Updated: 2026-02-26 18:28- CWE-428 - Unquoted Search Path or Element
| Vendor | Product | Version | |
|---|---|---|---|
| AMD | AIM-T Manageability Service |
Unaffected:
4.0.0.891
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36321",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-16T03:55:42.673623Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T18:28:25.495Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "AIM-T Manageability Service",
"vendor": "AMD",
"versions": [
{
"status": "unaffected",
"version": "4.0.0.891"
}
]
}
],
"datePublic": "2025-05-13T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Unquoted search path within AIM-T Manageability Service can allow a local attacker to escalate privileges, potentially resulting in arbitrary code execution.\u003cbr\u003e"
}
],
"value": "Unquoted search path within AIM-T Manageability Service can allow a local attacker to escalate privileges, potentially resulting in arbitrary code execution."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-428",
"description": "CWE-428 Unquoted Search Path or Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-13T17:05:09.839Z",
"orgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"shortName": "AMD"
},
"references": [
{
"url": "https://www.amd.com/en/resources/product-security/bulletin/amd-sb-9015.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "b58fc414-a1e4-4f92-9d70-1add41838648",
"assignerShortName": "AMD",
"cveId": "CVE-2024-36321",
"datePublished": "2025-05-13T17:05:09.839Z",
"dateReserved": "2024-05-23T19:44:40.301Z",
"dateUpdated": "2026-02-26T18:28:25.495Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-34010 (GCVE-0-2024-34010)
Vulnerability from cvelistv5 – Published: 2024-04-29 15:48 – Updated: 2026-04-10 13:16| URL | Tags |
|---|---|
| https://security-advisory.acronis.com/advisories/… | vendor-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Acronis | Acronis Cyber Protect Cloud Agent |
Affected:
unspecified , < 37758
(semver)
|
|
| Acronis | Acronis Cyber Protect 16 |
Affected:
unspecified , < 38690
(semver)
|
|
| Acronis | Acronis True Image |
Affected:
unspecified , < 42386
(semver)
|
|
| Acronis | Acronis True Image OEM |
Affected:
unspecified , < 42575
(semver)
|
|
| acronis | cyber_protect_cloud_agent |
Affected:
- , < build_37758
(custom)
cpe:2.3:a:acronis:cyber_protect_cloud_agent:-:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:acronis:cyber_protect_cloud_agent:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cyber_protect_cloud_agent",
"vendor": "acronis",
"versions": [
{
"lessThan": "build_37758",
"status": "affected",
"version": "-",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-34010",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-29T16:59:36.817995Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:42:35.400Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T02:42:59.932Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SEC-7110",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security-advisory.acronis.com/advisories/SEC-7110"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Acronis Cyber Protect Cloud Agent",
"vendor": "Acronis",
"versions": [
{
"lessThan": "37758",
"status": "affected",
"version": "unspecified",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Acronis Cyber Protect 16",
"vendor": "Acronis",
"versions": [
{
"lessThan": "38690",
"status": "affected",
"version": "unspecified",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Acronis True Image",
"vendor": "Acronis",
"versions": [
{
"lessThan": "42386",
"status": "affected",
"version": "unspecified",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Acronis True Image OEM",
"vendor": "Acronis",
"versions": [
{
"lessThan": "42575",
"status": "affected",
"version": "unspecified",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "@cyberexplorer (https://hackerone.com/cyberexplorer)"
}
],
"descriptions": [
{
"lang": "en",
"value": "Local privilege escalation due to unquoted search path vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 37758, Acronis Cyber Protect 16 (Windows) before build 38690, Acronis True Image (Windows) before build 42386, Acronis True Image OEM (Windows) before build 42575."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-428",
"description": "CWE-428",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-10T13:16:47.709Z",
"orgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
"shortName": "Acronis"
},
"references": [
{
"name": "SEC-7110",
"tags": [
"vendor-advisory"
],
"url": "https://security-advisory.acronis.com/advisories/SEC-7110"
}
],
"x_generator": {
"engine": "cvelib 1.8.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "73dc0fef-1c66-4a72-9d2d-0a0f4012c175",
"assignerShortName": "Acronis",
"cveId": "CVE-2024-34010",
"datePublished": "2024-04-29T15:48:14.398Z",
"dateReserved": "2024-04-29T15:33:32.845Z",
"dateUpdated": "2026-04-10T13:16:47.709Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-31226 (GCVE-0-2024-31226)
Vulnerability from cvelistv5 – Published: 2024-05-16 18:12 – Updated: 2024-08-15 14:28- CWE-428 - Unquoted Search Path or Element
| URL | Tags |
|---|---|
| https://github.com/LizardByte/Sunshine/security/a… | x_refsource_CONFIRM |
| https://github.com/LizardByte/Sunshine/pull/2379 | x_refsource_MISC |
| https://github.com/LizardByte/Sunshine/commit/93e… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| LizardByte | Sunshine |
Affected:
>= 0.17.0, < 0.23.0
|
|
| lizardbyte | sunshine |
Affected:
0.17 , < 0.23
(custom)
cpe:2.3:a:lizardbyte:sunshine:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:46:04.972Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/LizardByte/Sunshine/security/advisories/GHSA-r3rw-mx4q-7vfp",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/LizardByte/Sunshine/security/advisories/GHSA-r3rw-mx4q-7vfp"
},
{
"name": "https://github.com/LizardByte/Sunshine/pull/2379",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/LizardByte/Sunshine/pull/2379"
},
{
"name": "https://github.com/LizardByte/Sunshine/commit/93e622342c4f3e9b34f5f265039b6775b8e33a7a",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/LizardByte/Sunshine/commit/93e622342c4f3e9b34f5f265039b6775b8e33a7a"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:lizardbyte:sunshine:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "sunshine",
"vendor": "lizardbyte",
"versions": [
{
"lessThan": "0.23",
"status": "affected",
"version": "0.17",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31226",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-23T20:37:55.439986Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-15T14:28:39.036Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Sunshine",
"vendor": "LizardByte",
"versions": [
{
"status": "affected",
"version": "\u003e= 0.17.0, \u003c 0.23.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Sunshine is a self-hosted game stream host for Moonlight. Users who ran Sunshine versions 0.17.0 through 0.22.2 as a service on Windows may be impacted when terminating the service if an attacked placed a file named `C:\\Program.exe`, `C:\\Program.bat`, or `C:\\Program.cmd` on the user\u0027s computer. This attack vector isn\u0027t exploitable unless the user has manually loosened ACLs on the system drive. If the user\u0027s system locale is not English, then the name of the executable will likely vary. Version 0.23.0 contains a patch for the issue. Some workarounds are available. One may identify and block potentially malicious software executed path interception by using application control tools, like Windows Defender Application Control, AppLocker, or Software Restriction Policies where appropriate. Alternatively, ensure that proper permissions and directory access control are set to deny users the ability to write files to the top-level directory `C:`. Require that all executables be placed in write-protected directories."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-428",
"description": "CWE-428: Unquoted Search Path or Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-16T18:12:57.081Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/LizardByte/Sunshine/security/advisories/GHSA-r3rw-mx4q-7vfp",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/LizardByte/Sunshine/security/advisories/GHSA-r3rw-mx4q-7vfp"
},
{
"name": "https://github.com/LizardByte/Sunshine/pull/2379",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/LizardByte/Sunshine/pull/2379"
},
{
"name": "https://github.com/LizardByte/Sunshine/commit/93e622342c4f3e9b34f5f265039b6775b8e33a7a",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/LizardByte/Sunshine/commit/93e622342c4f3e9b34f5f265039b6775b8e33a7a"
}
],
"source": {
"advisory": "GHSA-r3rw-mx4q-7vfp",
"discovery": "UNKNOWN"
},
"title": "Sunshine\u0027s unquoted executable path could lead to hijacked execution flow"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-31226",
"datePublished": "2024-05-16T18:12:57.081Z",
"dateReserved": "2024-03-29T14:16:31.902Z",
"dateUpdated": "2024-08-15T14:28:39.036Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31201 (GCVE-0-2024-31201)
Vulnerability from cvelistv5 – Published: 2024-07-31 13:17 – Updated: 2024-08-01 14:52- CWE-428 - Unquoted Search Path or Element
| Vendor | Product | Version | |
|---|---|---|---|
| Plug&Track | Thermoscan IP |
Affected:
20211103
(semver)
|
|
| plug_and_track | thermoscan_ip |
Affected:
20211103
cpe:2.3:a:plug_and_track:thermoscan_ip:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:plug_and_track:thermoscan_ip:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "thermoscan_ip",
"vendor": "plug_and_track",
"versions": [
{
"status": "affected",
"version": "20211103"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31201",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-01T14:50:54.714006Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-01T14:52:47.793Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"platforms": [
"Windows"
],
"product": "Thermoscan IP",
"vendor": "Plug\u0026Track",
"versions": [
{
"status": "affected",
"version": "20211103",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Diego Zaffaroni of Nozomi Networks found this bug during a security research activity."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A \u201cCWE-428: Unquoted Search Path or Element\u201d affects the ThermoscanIP_Scrutation service. Such misconfiguration could be abused in scenarios where incorrect permissions were assigned to the C:\\ path to attempt a privilege escalation on the local machine."
}
],
"value": "A \u201cCWE-428: Unquoted Search Path or Element\u201d affects the ThermoscanIP_Scrutation service. Such misconfiguration could be abused in scenarios where incorrect permissions were assigned to the C:\\ path to attempt a privilege escalation on the local machine."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-428",
"description": "CWE-428 Unquoted Search Path or Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-31T13:17:30.914Z",
"orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"shortName": "Nozomi"
},
"references": [
{
"url": "https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31201"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No official patch available from vendor. Conduct regular and thorough reviews of logs and user accounts on systems running the Thermoscan IP software. This will help identify and address any suspicious activities early, ensuring that any potential security breaches are caught and remediated swiftly."
}
],
"value": "No official patch available from vendor. Conduct regular and thorough reviews of logs and user accounts on systems running the Thermoscan IP software. This will help identify and address any suspicious activities early, ensuring that any potential security breaches are caught and remediated swiftly."
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
"assignerShortName": "Nozomi",
"cveId": "CVE-2024-31201",
"datePublished": "2024-07-31T13:17:30.914Z",
"dateReserved": "2024-03-29T08:32:14.699Z",
"dateUpdated": "2024-08-01T14:52:47.793Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-25552 (GCVE-0-2024-25552)
Vulnerability from cvelistv5 – Published: 2024-03-01 07:49 – Updated: 2024-08-26 18:33- CWE-428 - Unquoted Search Path or Element
| Vendor | Product | Version | |
|---|---|---|---|
| W&T | Com Redirector PnP |
Affected:
4.42
|
|
| W&T | Com Redirector Legacy |
Affected:
3.93
|
|
| W&T | OPC-Server |
Affected:
4.88
|
|
| wut | com-redirector |
Affected:
4.42
cpe:2.3:h:wut:com-redirector:*:*:*:*:*:*:*:* |
|
| wut | opc-server |
Affected:
4.88
cpe:2.3:h:wut:opc-server:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:44:09.640Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-018"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:wut:com-redirector:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "com-redirector",
"vendor": "wut",
"versions": [
{
"status": "affected",
"version": "4.42"
}
]
},
{
"cpes": [
"cpe:2.3:h:wut:opc-server:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "opc-server",
"vendor": "wut",
"versions": [
{
"status": "affected",
"version": "4.88"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-25552",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-04T20:23:20.919936Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-26T18:33:44.194Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Com Redirector PnP",
"vendor": "W\u0026T",
"versions": [
{
"status": "affected",
"version": "4.42"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Com Redirector Legacy",
"vendor": "W\u0026T",
"versions": [
{
"status": "affected",
"version": "3.93"
}
]
},
{
"defaultStatus": "unaffected",
"product": "OPC-Server",
"vendor": "W\u0026T",
"versions": [
{
"status": "affected",
"version": "4.88"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A local attacker can gain administrative privileges by inserting an executable file in the path of the affected product."
}
],
"value": "A local attacker can gain administrative privileges by inserting an executable file in the path of the affected product."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-428",
"description": "CWE-428 Unquoted Search Path or Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-07T08:47:40.341Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-018"
}
],
"source": {
"advisory": "VDE-2024-018",
"defect": [
"CERT@VDE#64655"
],
"discovery": "UNKNOWN"
},
"title": "Wiesemann \u0026 Theis: Multiple products prone to unquoted search path",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-25552",
"datePublished": "2024-03-01T07:49:41.683Z",
"dateReserved": "2024-02-07T09:21:45.248Z",
"dateUpdated": "2024-08-26T18:33:44.194Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22437 (GCVE-0-2024-22437)
Vulnerability from cvelistv5 – Published: 2024-04-15 09:21 – Updated: 2024-08-01 22:43- CWE-428 - Unquoted Search Path or Element
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise | HPE MSA SAN Storage VSS Provider and CAPI Proxy Software |
Affected:
N/A , < 4.1.3.83
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22437",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-15T13:13:01.628436Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-25T15:51:08.406Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:34.946Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbst04630en_us"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "HPE MSA SAN Storage VSS Provider and CAPI Proxy Software",
"vendor": "Hewlett Packard Enterprise",
"versions": [
{
"lessThan": "4.1.3.83",
"status": "affected",
"version": "N/A",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "R Cooper of Environtec Limited"
}
],
"datePublic": "2024-04-02T09:13:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA potential security vulnerability has been identified in VSS Provider and CAPI Proxy software for certain HPE MSA storage products. This vulnerability could be exploited to gain elevated privilege on the system.\u003c/span\u003e\n\n"
}
],
"value": "\nA potential security vulnerability has been identified in VSS Provider and CAPI Proxy software for certain HPE MSA storage products. This vulnerability could be exploited to gain elevated privilege on the system.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-428",
"description": "CWE-428 Unquoted Search Path or Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-15T09:21:40.627Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US\u0026docId=hpesbst04630en_us"
}
],
"source": {
"advisory": "HPESBST04630",
"discovery": "UNKNOWN"
},
"title": "HPE MSA SAN Storage VSS Provider and CAPI Proxy Software, Elevation of Privilege",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2024-22437",
"datePublished": "2024-04-15T09:21:40.627Z",
"dateReserved": "2024-01-10T15:24:39.966Z",
"dateUpdated": "2024-08-01T22:43:34.946Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9325 (GCVE-0-2024-9325)
Vulnerability from cvelistv5 – Published: 2024-09-29 07:31 – Updated: 2024-11-04 19:13| URL | Tags |
|---|---|
| https://vuldb.com/?id.278829 | vdb-entrytechnical-description |
| https://vuldb.com/?ctiid.278829 | signaturepermissions-required |
| https://vuldb.com/?submit.385397 | third-party-advisory |
| https://backend.intelbras.com/sites/default/files… | related |
| https://download.cronos.intelbras.com.br/download… | patch |
| Vendor | Product | Version | |
|---|---|---|---|
| Intelbras | InControl |
Affected:
2.21.0
Affected: 2.21.1 Affected: 2.21.2 Affected: 2.21.3 Affected: 2.21.4 Affected: 2.21.5 Affected: 2.21.6 Affected: 2.21.7 Affected: 2.21.8 Affected: 2.21.9 Affected: 2.21.10 Affected: 2.21.11 Affected: 2.21.12 Affected: 2.21.13 Affected: 2.21.14 Affected: 2.21.15 Affected: 2.21.16 Affected: 2.21.17 Affected: 2.21.18 Affected: 2.21.19 Affected: 2.21.20 Affected: 2.21.21 Affected: 2.21.22 Affected: 2.21.23 Affected: 2.21.24 Affected: 2.21.25 Affected: 2.21.26 Affected: 2.21.27 Affected: 2.21.28 Affected: 2.21.29 Affected: 2.21.30 Affected: 2.21.31 Affected: 2.21.32 Affected: 2.21.33 Affected: 2.21.34 Affected: 2.21.35 Affected: 2.21.36 Affected: 2.21.37 Affected: 2.21.38 Affected: 2.21.39 Affected: 2.21.40 Affected: 2.21.41 Affected: 2.21.42 Affected: 2.21.43 Affected: 2.21.44 Affected: 2.21.45 Affected: 2.21.46 Affected: 2.21.47 Affected: 2.21.48 Affected: 2.21.49 Affected: 2.21.50 Affected: 2.21.51 Affected: 2.21.52 Affected: 2.21.53 Affected: 2.21.54 Affected: 2.21.55 Affected: 2.21.56 |
|
| intelbras | incontrol |
Affected:
0 , ≤ 2.21.56
(custom)
cpe:2.3:a:intelbras:incontrol:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:intelbras:incontrol:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "incontrol",
"vendor": "intelbras",
"versions": [
{
"lessThanOrEqual": "2.21.56",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9325",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-30T19:34:40.235187Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-30T19:37:52.776Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "InControl",
"vendor": "Intelbras",
"versions": [
{
"status": "affected",
"version": "2.21.0"
},
{
"status": "affected",
"version": "2.21.1"
},
{
"status": "affected",
"version": "2.21.2"
},
{
"status": "affected",
"version": "2.21.3"
},
{
"status": "affected",
"version": "2.21.4"
},
{
"status": "affected",
"version": "2.21.5"
},
{
"status": "affected",
"version": "2.21.6"
},
{
"status": "affected",
"version": "2.21.7"
},
{
"status": "affected",
"version": "2.21.8"
},
{
"status": "affected",
"version": "2.21.9"
},
{
"status": "affected",
"version": "2.21.10"
},
{
"status": "affected",
"version": "2.21.11"
},
{
"status": "affected",
"version": "2.21.12"
},
{
"status": "affected",
"version": "2.21.13"
},
{
"status": "affected",
"version": "2.21.14"
},
{
"status": "affected",
"version": "2.21.15"
},
{
"status": "affected",
"version": "2.21.16"
},
{
"status": "affected",
"version": "2.21.17"
},
{
"status": "affected",
"version": "2.21.18"
},
{
"status": "affected",
"version": "2.21.19"
},
{
"status": "affected",
"version": "2.21.20"
},
{
"status": "affected",
"version": "2.21.21"
},
{
"status": "affected",
"version": "2.21.22"
},
{
"status": "affected",
"version": "2.21.23"
},
{
"status": "affected",
"version": "2.21.24"
},
{
"status": "affected",
"version": "2.21.25"
},
{
"status": "affected",
"version": "2.21.26"
},
{
"status": "affected",
"version": "2.21.27"
},
{
"status": "affected",
"version": "2.21.28"
},
{
"status": "affected",
"version": "2.21.29"
},
{
"status": "affected",
"version": "2.21.30"
},
{
"status": "affected",
"version": "2.21.31"
},
{
"status": "affected",
"version": "2.21.32"
},
{
"status": "affected",
"version": "2.21.33"
},
{
"status": "affected",
"version": "2.21.34"
},
{
"status": "affected",
"version": "2.21.35"
},
{
"status": "affected",
"version": "2.21.36"
},
{
"status": "affected",
"version": "2.21.37"
},
{
"status": "affected",
"version": "2.21.38"
},
{
"status": "affected",
"version": "2.21.39"
},
{
"status": "affected",
"version": "2.21.40"
},
{
"status": "affected",
"version": "2.21.41"
},
{
"status": "affected",
"version": "2.21.42"
},
{
"status": "affected",
"version": "2.21.43"
},
{
"status": "affected",
"version": "2.21.44"
},
{
"status": "affected",
"version": "2.21.45"
},
{
"status": "affected",
"version": "2.21.46"
},
{
"status": "affected",
"version": "2.21.47"
},
{
"status": "affected",
"version": "2.21.48"
},
{
"status": "affected",
"version": "2.21.49"
},
{
"status": "affected",
"version": "2.21.50"
},
{
"status": "affected",
"version": "2.21.51"
},
{
"status": "affected",
"version": "2.21.52"
},
{
"status": "affected",
"version": "2.21.53"
},
{
"status": "affected",
"version": "2.21.54"
},
{
"status": "affected",
"version": "2.21.55"
},
{
"status": "affected",
"version": "2.21.56"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "j369 (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical has been found in Intelbras InControl up to 2.21.56. This affects an unknown part of the file C:\\Program Files (x86)\\Intelbras\\Incontrol Cliente\\incontrol_webcam\\incontrol-service-watchdog.exe. The manipulation leads to unquoted search path. It is possible to launch the attack on the local host. Upgrading to version 2.21.58 is able to address this issue. It is recommended to upgrade the affected component. The vendor was informed early on 2024-08-05 about this issue. The release of a fixed version 2.21.58 was announced for the end of August 2024 but then was postponed until 2024-09-20."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in Intelbras InControl bis 2.21.56 entdeckt. Sie wurde als kritisch eingestuft. Betroffen hiervon ist ein unbekannter Ablauf der Datei C:\\Program Files (x86)\\Intelbras\\Incontrol Cliente\\incontrol_webcam\\incontrol-service-watchdog.exe. Dank Manipulation mit unbekannten Daten kann eine unquoted search path-Schwachstelle ausgenutzt werden. Der Angriff muss lokal erfolgen. Ein Aktualisieren auf die Version 2.21.58 vermag dieses Problem zu l\u00f6sen. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 6.8,
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-428",
"description": "Unquoted Search Path",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-426",
"description": "Untrusted Search Path",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T19:13:10.172Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-278829 | Intelbras InControl incontrol-service-watchdog.exe unquoted search path",
"tags": [
"vdb-entry",
"technical-description"
],
"url": "https://vuldb.com/?id.278829"
},
{
"name": "VDB-278829 | CTI Indicators (IOB, IOC, TTP, IOA)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.278829"
},
{
"name": "Submit #385397 | Intelbras InControl 2.21.56 Unquoted Search Path",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.385397"
},
{
"tags": [
"related"
],
"url": "https://backend.intelbras.com/sites/default/files/2024-10/Aviso%20de%20Seguran%C3%A7a%20-%20Incontrol%202.21.56%20e%202.21.57.pdf"
},
{
"tags": [
"patch"
],
"url": "https://download.cronos.intelbras.com.br/download/INCONTROL/INCONTROL-WEB/prod/INCONTROL-WEB-2.21.58-233dfd1ac1e2ca3eabb71c854005c78b.exe"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-09-28T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-09-28T02:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-11-04T20:17:01.000Z",
"value": "VulDB entry last update"
}
],
"title": "Intelbras InControl incontrol-service-watchdog.exe unquoted search path"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-9325",
"datePublished": "2024-09-29T07:31:04.316Z",
"dateReserved": "2024-09-28T13:30:20.245Z",
"dateUpdated": "2024-11-04T19:13:10.172Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9287 (GCVE-0-2024-9287)
Vulnerability from cvelistv5 – Published: 2024-10-22 16:34 – Updated: 2025-11-03 22:33- CWE-428 - Unquoted Search Path or Element
| Vendor | Product | Version | |
|---|---|---|---|
| Python Software Foundation | CPython |
Affected:
0 , < 3.9.21
(python)
Affected: 3.10.0 , < 3.10.16 (python) Affected: 3.11.0 , < 3.11.11 (python) Affected: 3.12.0 , < 3.12.8 (python) Affected: 3.13.0 , < 3.13.1 (python) Affected: 3.14.0a1 , < 3.14.0a2 (python) |
|
| python | cpython |
Affected:
0 , ≤ 3.13.0
(python)
cpe:2.3:a:python:cpython:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:python:cpython:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "cpython",
"vendor": "python",
"versions": [
{
"lessThanOrEqual": "3.13.0",
"status": "affected",
"version": "0",
"versionType": "python"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9287",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-22T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-23T03:55:30.029Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T22:33:21.116Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20250425-0006/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/12/msg00000.html"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00024.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"venv"
],
"product": "CPython",
"repo": "https://github.com/python/cpython",
"vendor": "Python Software Foundation",
"versions": [
{
"lessThan": "3.9.21",
"status": "affected",
"version": "0",
"versionType": "python"
},
{
"lessThan": "3.10.16",
"status": "affected",
"version": "3.10.0",
"versionType": "python"
},
{
"lessThan": "3.11.11",
"status": "affected",
"version": "3.11.0",
"versionType": "python"
},
{
"lessThan": "3.12.8",
"status": "affected",
"version": "3.12.0",
"versionType": "python"
},
{
"lessThan": "3.13.1",
"status": "affected",
"version": "3.13.0",
"versionType": "python"
},
{
"lessThan": "3.14.0a2",
"status": "affected",
"version": "3.14.0a1",
"versionType": "python"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment \"activation\" scripts (ie \"source venv/bin/activate\"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren\u0027t activated before being used (ie \"./venv/bin/python\") are not affected.\u003cbr\u003e"
}
],
"value": "A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment \"activation\" scripts (ie \"source venv/bin/activate\"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren\u0027t activated before being used (ie \"./venv/bin/python\") are not affected."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "HIGH",
"providerUrgency": "GREEN",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/U:Green",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-428",
"description": "CWE-428 Unquoted Search Path or Element",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-31T19:55:27.648Z",
"orgId": "28c92f92-d60d-412d-b760-e73465c3df22",
"shortName": "PSF"
},
"references": [
{
"tags": [
"issue-tracking"
],
"url": "https://github.com/python/cpython/issues/124651"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/pull/124712"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/RSPJ2B5JL22FG3TKUJ7D7DQ4N5JRRBZL/"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/e52095a0c1005a87eed2276af7a1f2f66e2b6483"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/633555735a023d3e4d92ba31da35b1205f9ecbd7"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/8450b2482586857d689b6658f08de9c8179af7db"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/9286ab3a107ea41bd3f3c3682ce2512692bdded8"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/ae961ae94bf19c8f8c7fbea3d1c25cc55ce8ae97"
},
{
"tags": [
"patch"
],
"url": "https://github.com/python/cpython/commit/d48cc82ed25e26b02eb97c6263d95dcaa1e9111b"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Virtual environment (venv) activation scripts don\u0027t quote paths",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "28c92f92-d60d-412d-b760-e73465c3df22",
"assignerShortName": "PSF",
"cveId": "CVE-2024-9287",
"datePublished": "2024-10-22T16:34:39.210Z",
"dateReserved": "2024-09-27T14:48:44.181Z",
"dateUpdated": "2025-11-03T22:33:21.116Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Mitigation
Properly quote the full search path before executing a program on the system.
Mitigation MIT-5
Strategy: Input Validation
- Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
- When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
- Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
Mitigation MIT-20
Strategy: Input Validation
Inputs should be decoded and canonicalized to the application's current internal representation before being validated (CWE-180). Make sure that the application does not decode the same input twice (CWE-174). Such errors could be used to bypass allowlist validation schemes by introducing dangerous inputs after they have been checked.
No CAPEC attack patterns related to this CWE.