CVE-2024-28131 in EasyRangeinformazioni

Riassunto

di MITRE • 26/03/2024

EasyRange Ver 1.41 contains an issue with the executable file search path when displaying an extracted file on Explorer, which may lead to loading an executable file resides in the same folder where the extracted file is placed. If this vulnerability is exploited, arbitrary code may be executed with the privilege of the running program. Note that the developer was unreachable, therefore, users should consider stop using EasyRange Ver 1.41.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

05/03/2024

Divulgazione

26/03/2024

Moderazione

accettato

Voce

VDB-257952

CPE

pronto

CWE

CWE-427 (confermato)

CVSS

7.8 (CNA)

EPSS

0.00188

KEV

Attività

molto basso

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2024-28131
NVD	https://nvd.nist.gov/vuln/detail/CVE-2024-28131
CVE Details	https://www.cvedetails.com/cve/CVE-2024-28131/

◂ Precedente Visione D'ensemble Il prossimo ▸

Do you know our Splunk app?

Download it now for free!