漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Shrew Soft VPN Client 2.2.2 - 'iked' Unquoted Service Path
Vulnerability Description
Shrew Soft VPN Client 2.2.2 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated system privileges. Attackers can place malicious executables in the unquoted service path to gain elevated access during service startup or system reboot.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
未经引用的搜索路径或元素
Vulnerability Title
Shrew Soft VPN Client 代码问题漏洞
Vulnerability Description
Shrew Soft VPN Client是Shrew Soft公司的一个IPsec VPN客户端软件。 Shrew Soft VPN Client 2.2.2版本存在代码问题漏洞,该漏洞源于未加引号的服务路径,可能导致本地用户执行任意代码并提升系统权限。
CVSS Information
N/A
Vulnerability Type
N/A