| शीर्षक | Muse Group MuseHub 2.1.0.1567 Unquoted Search Path |
|---|
| विवरण | When a Windows service is configured with an executable path that contains spaces but the path is not quoted, Windows may search for and attempt to execute an executable at intermediate path segments. If one of those intermediate segments is writable by a low-privileged local user, an attacker can place an executable at that location which may be executed by the service on start or restart. In this case the service points to an unquoted path under C:\Program Files\... and evidence shows C:\Program is writable. That creates an unquoted service path vulnerability enabling local low-privileged users to achieve code execution under the service account when the service launches. |
|---|
| स्रोत | ⚠️ https://github.com/lakshayyverma/CVE-Discovery/blob/main/Musehub.md |
|---|
| उपयोगकर्ता | lakshay12311 (UID 91298) |
|---|
| सबमिशन | 02/11/2025 11:28 AM (6 महीनों पहले) |
|---|
| संयम | 19/11/2025 05:52 PM (17 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 332977 [Muse Group MuseHub 2.1.0.1567 Windows Service Muse.Updater.exe अधिकार वृद्धि] |
|---|
| अंक | 20 |
|---|