| 제목 | Muse Group MuseHub 2.1.0.1567 Unquoted Search Path |
|---|
| 설명 | When a Windows service is configured with an executable path that contains spaces but the path is not quoted, Windows may search for and attempt to execute an executable at intermediate path segments. If one of those intermediate segments is writable by a low-privileged local user, an attacker can place an executable at that location which may be executed by the service on start or restart. In this case the service points to an unquoted path under C:\Program Files\... and evidence shows C:\Program is writable. That creates an unquoted service path vulnerability enabling local low-privileged users to achieve code execution under the service account when the service launches. |
|---|
| 원천 | ⚠️ https://github.com/lakshayyverma/CVE-Discovery/blob/main/Musehub.md |
|---|
| 사용자 | lakshay12311 (UID 91298) |
|---|
| 제출 | 2025. 11. 02. AM 11:28 (6 개월 ago) |
|---|
| 모더레이션 | 2025. 11. 19. PM 05:52 (17 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 332977 [Muse Group MuseHub 2.1.0.1567 Windows Service Muse.Updater.exe 권한 상승] |
|---|
| 포인트들 | 20 |
|---|