Unquoted Search Path or Element

The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.

CVEs (426)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-64151 - - Nov 6, 2025 Nov 5, 2025 8.4 HIGH· v4 6.7 MEDIUM· v3 N/A· v2 Multiple Roboticsware products provided by Roboticsware PTE. LTD. register Windows services with unquoted file paths. A user with the write permission on the root directory of the system drive may execute arbitrary code...Show more Multiple Roboticsware products provided by Roboticsware PTE. LTD. register Windows services with unquoted file paths. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege.Show less
CVE-2025-62225 - - Nov 6, 2025 Nov 5, 2025 8.4 HIGH· v4 6.7 MEDIUM· v3 N/A· v2 Optical Disc Archive Software provided by Sony Corporation registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code wit...Show more Optical Disc Archive Software provided by Sony Corporation registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege.Show less
CVE-2025-12507 - - Nov 4, 2025 Oct 31, 2025 N/A· v4 8.8 HIGH· v3 N/A· v2 The service Bizerba Communication Server (BCS) has an unquoted service path. Due to the way Windows searches the executable for the BCS service, malicious programs can be executed.
CVE-2025-60320 - - Oct 30, 2025 Oct 29, 2025 N/A· v4 6.7 MEDIUM· v3 N/A· v2 memoQ 10.1.13.ef1b2b52aae and earlier contains an unquoted service path vulnerability in the memoQ Auto Update Service (memoQauhlp101). The affected service is installed with a path containing spaces and without surround...Show more memoQ 10.1.13.ef1b2b52aae and earlier contains an unquoted service path vulnerability in the memoQ Auto Update Service (memoQauhlp101). The affected service is installed with a path containing spaces and without surrounding quotes. This misconfiguration allows local users to escalate privileges to SYSTEM by placing a malicious executable at C:\Program.exe.Show less
CVE-2025-57227 - - Oct 30, 2025 Oct 29, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 An unquoted service path in Kingosoft Technology Ltd Kingo ROOT v1.5.8.3353 allows attackers to escalate privileges via placing a crafted executable file into a parent folder.
CVE-2025-12286 - - Feb 24, 2026 Oct 27, 2025 7.3 HIGH· v4 7.0 HIGH· v3 6.0 MEDIUM· v2 A weakness has been identified in VeePN up to 1.6.2. This affects an unknown function of the file C:\Program Files (x86)\VeePN\avservice\avservice.exe of the component AVService. This manipulation causes unquoted search...Show more A weakness has been identified in VeePN up to 1.6.2. This affects an unknown function of the file C:\Program Files (x86)\VeePN\avservice\avservice.exe of the component AVService. This manipulation causes unquoted search path. The attack requires local access. A high degree of complexity is needed for the attack. The exploitability is reported as difficult. The vendor was contacted early about this disclosure but did not respond in any way.Show less
CVE-2025-12247 - - Apr 29, 2026 Oct 27, 2025 6.4 MEDIUM· v4 7.0 HIGH· v3 6.0 MEDIUM· v2 A weakness has been identified in Hasleo Backup Suite up to 5.2. Impacted is an unknown function of the component HasleoImageMountService/HasleoBackupSuiteService. This manipulation causes unquoted search path. The attac...Show more A weakness has been identified in Hasleo Backup Suite up to 5.2. Impacted is an unknown function of the component HasleoImageMountService/HasleoBackupSuiteService. This manipulation causes unquoted search path. The attack is restricted to local execution. The attack's complexity is rated as high. The exploitability is considered difficult. The exploit has been made available to the public and could be exploited. Upgrading the affected component is advised.Show less
CVE-2025-61865 - - Dec 10, 2025 Oct 23, 2025 8.4 HIGH· v4 6.7 MEDIUM· v3 N/A· v2 Multiple NAS management applications provided by I-O DATA DEVICE, INC. register Windows services with unquoted file paths. A user with the write permission on the root directory of the system drive may execute arbitrary...Show more Multiple NAS management applications provided by I-O DATA DEVICE, INC. register Windows services with unquoted file paths. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege.Show less
CVE-2025-61871 - - Oct 14, 2025 Oct 10, 2025 8.4 HIGH· v4 6.7 MEDIUM· v3 N/A· v2 NAS Navigator2 Windows version by BUFFALO INC. registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM pri...Show more NAS Navigator2 Windows version by BUFFALO INC. registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege.Show less
CVE-2025-57714 1Qnap 1Netbak Replicator Dec 8, 2025 Oct 3, 2025 8.5 HIGH· v4 7.8 HIGH· v3 N/A· v2 An unquoted search path or element vulnerability has been reported to affect NetBak Replicator. If a local attacker gains a user account, they can then exploit the vulnerability to execute unauthorized code or commands....Show more An unquoted search path or element vulnerability has been reported to affect NetBak Replicator. If a local attacker gains a user account, they can then exploit the vulnerability to execute unauthorized code or commands. We have already fixed the vulnerability in the following version: NetBak Replicator 4.5.15.0807 and laterShow less
CVE-2025-43993 1Dell 14Latitude 5350 Firmware Latitude 5550 FirmwareLatitude 7030 Rugged Extreme Tablet Firmware+11 more Jan 16, 2026 Sep 25, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 Dell Wireless 5932e and Qualcomm Snapdragon X62 Firmware and GNSS/GPS Driver, versions prior to 3.2.0.22 contain an Unquoted Search Path or Element vulnerability. A low privileged attacker with local access could potenti...Show more Dell Wireless 5932e and Qualcomm Snapdragon X62 Firmware and GNSS/GPS Driver, versions prior to 3.2.0.22 contain an Unquoted Search Path or Element vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code Execution.Show less
CVE-2025-54081 1Lizardbyte 1Sunshine Oct 8, 2025 Sep 23, 2025 N/A· v4 7.0 HIGH· v3 N/A· v2 Sunshine is a self-hosted game stream host for Moonlight. Prior to version 2025.923.33222, the Windows service SunshineService is installed with an unquoted executable path. If Sunshine is installed in a directory whose...Show more Sunshine is a self-hosted game stream host for Moonlight. Prior to version 2025.923.33222, the Windows service SunshineService is installed with an unquoted executable path. If Sunshine is installed in a directory whose name includes a space, the Service Control Manager (SCM) interprets the path incrementally and may execute a malicious binary placed earlier in the search string. This issue has been patched in version 2025.923.33222.Show less
CVE-2025-9818 - - Sep 17, 2025 Sep 17, 2025 N/A· v4 6.7 MEDIUM· v3 N/A· v2 A vulnerability (CWE-428) has been identified in the Uninterruptible Power Supply (UPS) management application provided by OMRON SOCIAL SOLUTIONS Co., Ltd., where the executable file paths of Windows services are not enc...Show more A vulnerability (CWE-428) has been identified in the Uninterruptible Power Supply (UPS) management application provided by OMRON SOCIAL SOLUTIONS Co., Ltd., where the executable file paths of Windows services are not enclosed in quotation marks. If the installation folder path of this product contains spaces, there is a possibility that unauthorized files may be executed under the service privileges by using paths containing spaces.Show less
CVE-2025-59307 - - Sep 17, 2025 Sep 17, 2025 8.4 HIGH· v4 6.7 MEDIUM· v3 N/A· v2 RAID Manager provided by Century Corporation registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privi...Show more RAID Manager provided by Century Corporation registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege.Show less
CVE-2025-10199 1Lizardbyte 1Sunshine Nov 3, 2025 Sep 9, 2025 N/A· v4 7.8 HIGH· v3 N/A· v2 A local privilege escalation vulnerability exists in Sunshine for Windows (version v2025.122.141614 and likely prior versions) due to an unquoted service path.
CVE-2025-58400 - - Sep 5, 2025 Sep 5, 2025 8.4 HIGH· v4 6.7 MEDIUM· v3 N/A· v2 RATOC RAID Monitoring Manager for Windows provided by RATOC Systems, Inc. registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arb...Show more RATOC RAID Monitoring Manager for Windows provided by RATOC Systems, Inc. registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with SYSTEM privilege.Show less
CVE-2025-39246 - - Aug 29, 2025 Aug 29, 2025 N/A· v4 5.3 MEDIUM· v3 N/A· v2 There is an Unquoted Service Path Vulnerability in some HikCentral FocSign versions. This could allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2025-5191 - - Aug 25, 2025 Aug 25, 2025 7.3 HIGH· v4 N/A· v3 N/A· v2 An Unquoted Search Path vulnerability has been identified in the utility for Moxa’s industrial computers (Windows). Due to the unquoted path configuration in the SerialInterfaceService.exe utility, a local attacker with...Show more An Unquoted Search Path vulnerability has been identified in the utility for Moxa’s industrial computers (Windows). Due to the unquoted path configuration in the SerialInterfaceService.exe utility, a local attacker with limited privileges could place a malicious executable in a higher-priority directory within the search path. When the Serial Interface service starts, the malicious executable could be run with SYSTEM privileges. Successful exploitation could allow privilege escalation or enable an attacker to maintain persistence on the affected system. While successful exploitation can severely impact the confidentiality, integrity, and availability of the affected device itself, there is no loss of confidentiality, integrity, or availability within any subsequent systems.Show less
CVE-2025-57699 - - Aug 22, 2025 Aug 22, 2025 8.4 HIGH· v4 6.7 MEDIUM· v3 N/A· v2 Western Digital Kitfox for Windows provided by Western Digital Corporation registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute a...Show more Western Digital Kitfox for Windows provided by Western Digital Corporation registers a Windows service with an unquoted file path. A user with the write permission on the root directory of the system drive may execute arbitrary code with the SYSTEM privilege.Show less
CVE-2025-9043 - - Aug 21, 2025 Aug 14, 2025 6.7 MEDIUM· v4 N/A· v3 N/A· v2 The service executable path in Seagate Toolkit on Versions prior to 2.34.0.33 on Windows allows an attacker with Admin privileges to exploit a vulnerability as classified under CWE-428: Unquoted Search Path or Element. A...Show more The service executable path in Seagate Toolkit on Versions prior to 2.34.0.33 on Windows allows an attacker with Admin privileges to exploit a vulnerability as classified under CWE-428: Unquoted Search Path or Element. An attacker with write permissions to the root could place a malicious Program.exe file, which would execute with SYSTEM privileges.Show less

Previous 1...101112...22 Next