CVE-2017-20218 in Serviio Pro信息

摘要

由 MITRE • 2026-03-16

Serviio PRO 1.8 contains an unquoted search path vulnerability in the Windows service that allows local users to execute arbitrary code with elevated privileges by placing malicious executables in the system root path. Additionally, improper directory permissions with full access for the Users group allow authenticated users to replace the executable file with arbitrary binaries, enabling privilege escalation during service startup or system reboot.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

负责

VulnCheck

预定

2026-03-15

披露

2026-03-16

管理

已接受

条目

VDB-351175

CPE

准备好

CWE

CWE-428 (已确认)

CVSS

7.8 (CNA)

EPSS

0.00019

KEV

否

活动

非常低

来源

MITRE	https://www.cve.org/CVERecord?id=CVE-2017-20218
NVD	https://nvd.nist.gov/vuln/detail/CVE-2017-20218
CVE Details	https://www.cvedetails.com/cve/CVE-2017-20218/

◂ 上一步一览下一步 ▸

Might our Artificial Intelligence support you?

Check our Alexa App!