Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2018-16715

EPSS 0.23% · P46
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2018-16715

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
An issue was discovered in Absolute Software CTES Windows Agent through 1.0.0.1479. The security permissions on the %ProgramData%\CTES folder and sub-folders may allow write access to low-privileged user accounts. This allows unauthorized replacement of service program executable (EXE) or dynamically loadable library (DLL) files, causing elevated (SYSTEM) user access. Configuration control files or data files under this folder could also be similarly modified to affect service process behavior.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Absolute Software CTES Windows Agent 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Absolute Software CTES Windows Agent是一款基于Windows平台的用于监控计算机系统的代理程序。 Absolute Software CTES Windows Agent 1.0.0.1479及之前版本中存在安全漏洞,该漏洞源于%ProgramData%CTES文件夹及其子文件夹未明确限制对系统或管理员用户账户的访问。攻击者可利用该漏洞未授权更换服务程序可执行文件或DLL文件,进而以提升的系统用户权限未授权访问代码,或修改该文件夹下的配置控制文件或数据文件,进而影响服务
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2018-16715

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2018-16715

登录查看更多情报信息。

Same Patch Batch · n/a · 2018-09-08 · 7 CVEs total

CVE-2018-16724baijiacms SQL注入漏洞
CVE-2018-16725baijiacms 跨站脚本漏洞
CVE-2018-16730CScms 跨站脚本漏洞
CVE-2018-16731CScms 安全漏洞
CVE-2018-16732CScms 跨站请求伪造漏洞
CVE-2018-16733Go Ethereum 安全漏洞

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2018-16715

No comments yet

Leave a comment