Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
DLL search order hijack in Wave by Grandstream Networks
Vulnerability Description
DLL search order hijacking vulnerability in the wave.exe executable for Windows 11, version 1.27.8. Exploitation of this vulnerability could allow attackers with local access to execute arbitrary code by placing an arbitrary file in the 'C:\Users<user>\AppData\Local\Temp' directory, which could lead to arbitrary code execution and persistence. This vulnerability is only replicable in versions of Windows 11 and does not affect earlier versions.
CVSS Information
N/A
Vulnerability Type
对搜索路径元素未加控制
Vulnerability Title
Grandstream Wave 代码问题漏洞
Vulnerability Description
Grandstream Wave是美国Grandstream公司的一个语音软件。 Grandstream Wave 1.27.8版本存在代码问题漏洞,该漏洞源于DLL搜索顺序劫持,可能导致执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A