CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2021-35230

MEDIUM
6.7
CVSS Severity Score
EPSS Score0.0340%
EPSS Percentile11.78th
Published2021年10月22日
Last Modified2024年11月21日

Vulnerability Description

As a result of an unquoted service path vulnerability present in the Kiwi CatTools Installation Wizard, a local attacker could gain escalated privileges by inserting an executable into the path of the affected service or uninstall entry.

Affected Platforms (CPE)

📦
Solarwinds

Kiwi Cattools

< 3.11.9

References & Advisories

🔗 https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35230
🔗 https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35230

相關漏洞威脅

CVE-2007-088810.0

Directory traversal vulnerability in the TFTP server in Kiwi CatTools before 3.2.0 beta allows remote attackers to read arbitrary ...

CVE-2007-08894.6

Kiwi CatTools before 3.2.0 beta uses weak encryption ("reversible encoding") for passwords, account names, and IP addresses in kiw...

CVE-2021-4155610.0

sqclass.cpp in Squirrel through 2.2.5 and 3.x through 3.1 allows an out-of-bounds read (in the core interpreter) that can lead to ...

CVE-2021-021110.0

An improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved Routing Protocol Daemon ...