Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Multiple vulnerabilities in Small HTTP server by Smallsrv
Vulnerability Description
Vulnerability related to an unquoted service path in Small HTTP Server 3.06.36, specifically affecting the executable located at 'C:\Program Files (x86)\shttps_mg\http.exe service'. This misconfiguration allows a local attacker to place a malicious executable with the same name in a higher priority directory, causing the service to execute the malicious file instead of the legitimate one. Exploiting this flaw could allow arbitrary code execution, unauthorized access to the system, or service disruption. To mitigate the risk, the service path must be properly quoted, and systems must be kept up to date with security patches, while restricting physical and network access.
CVSS Information
N/A
Vulnerability Type
未经引用的搜索路径或元素
Vulnerability Title
Small Http Server 代码问题漏洞
Vulnerability Description
Small Http Server是Max Feoktistov个人开发者的一个小型 Http 服务器。 Small Http Server 3.06.36版本存在代码问题漏洞,该漏洞源于未加引号的服务路径,可能导致本地攻击者将恶意可执行文件放置在更高优先级的目录中,从而执行恶意文件。
CVSS Information
N/A
Vulnerability Type
N/A