CVE-2016-5793

Unquoted Windows search path vulnerability in Moxa Active OPC Server before 2.4.19 allows local users to gain privileges via a Trojan horse…

icscert·CWE-428·Published 2016-09-24

CVSS

—

EPSS

0.00

KEV

Exploits

cve.orgen

187 chars

Unquoted Windows search path vulnerability in Moxa Active OPC Server before 2.4.19 allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory.

NVDen

187 chars

Unquoted Windows search path vulnerability in Moxa Active OPC Server before 2.4.19 allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory.

NVDes

243 chars

Vulnerabilidad de ruta de búsqueda sin entrecomillar en Windows en Moxa Active OPC Server en versiones anteriores a 2.4.19 permite a usuarios locales obtener privilegios a través de un archivo troyano ejecutable en el directorio %SYSTEMDRIVE%.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.2	3.9	10.0	AV:L/AC:L/Au:N/C:C/I:C/A:C
3.0	Primary	NVD	8.8	2.0	6.0	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H