漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Sync Breeze Enterprise 12.4.18 - Unquoted Service Path
Vulnerability Description
Sync Breeze Enterprise 12.4.18 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path by placing malicious executables in specific file system locations to hijack the service startup process.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
未经引用的搜索路径或元素
Vulnerability Title
Flexense Sync Breeze Enterprise 代码问题漏洞
Vulnerability Description
Flexense Sync Breeze Enterprise是Flexense公司的一款文件同步和备份工具。 Flexense Sync Breeze Enterprise 12.4.18版本存在代码问题漏洞,该漏洞源于存在未加引号的服务路径漏洞,攻击者可利用未加引号的二进制路径在特定文件系统位置放置恶意可执行文件,可能导致劫持服务启动过程并以提升的系统权限执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A