CVE-2023-2417

Published: Apr 29, 2023Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

A vulnerability was found in ks-soft Advanced Host Monitor up to 12.56 and classified as problematic. Affected by this issue is some unknown functionality of the file C:\Program Files (x86)\HostMonitor\RMA-Win\rma_active.exe. The manipulation leads to unquoted search path. It is possible to launch the attack on the local host. Upgrading to version 12.60 is able to address this issue. It is recommended to upgrade the affected component. VDB-227714 is the identifier assigned to this vulnerability.

Affected (1)

Products: Ks Soft: Advanced Host Monitor

1 product

Advanced Host Monitor

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Ks Soft Advanced Host Monitor	Up to 12.56

Related CWEs

Unquoted Search Path or Element

The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.

References (6)

http://packetstormsecurity.com/files/172105/Advanced-Host-Monitor-12.56-Unquoted-Service-Path.html

Source: cna@vuldb.com

ExploitThird Party AdvisoryVDB Entry

https://vuldb.com/?ctiid.227714

Source: cna@vuldb.com

Permissions Required

https://vuldb.com/?id.227714

Source: cna@vuldb.com

Permissions Required

http://packetstormsecurity.com/files/172105/Advanced-Host-Monitor-12.56-Unquoted-Service-Path.html

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party AdvisoryVDB Entry

https://vuldb.com/?ctiid.227714

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions Required

https://vuldb.com/?id.227714

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions Required

Timeline

No history available yet.