| Title | Muse Group MuseHub 2.1.0.1567 Unquoted Search Path |
|---|
| Description | When a Windows service is configured with an executable path that contains spaces but the path is not quoted, Windows may search for and attempt to execute an executable at intermediate path segments. If one of those intermediate segments is writable by a low-privileged local user, an attacker can place an executable at that location which may be executed by the service on start or restart. In this case the service points to an unquoted path under C:\Program Files\... and evidence shows C:\Program is writable. That creates an unquoted service path vulnerability enabling local low-privileged users to achieve code execution under the service account when the service launches. |
|---|
| Source | ⚠️ https://github.com/lakshayyverma/CVE-Discovery/blob/main/Musehub.md |
|---|
| User | lakshay12311 (UID 91298) |
|---|
| Submission | 11/02/2025 11:28 (6 months ago) |
|---|
| Moderation | 11/19/2025 17:52 (17 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 332977 [Muse Group MuseHub 2.1.0.1567 Windows Service Muse.Updater.exe unquoted search path] |
|---|
| Points | 20 |
|---|