CVE-2024-9325— Intelbras InControl incontrol-service-watchdog.exe unquoted search path

Intelbras InControl incontrol-service-watchdog.exe unquoted search path

A vulnerability classified as critical has been found in Intelbras InControl up to 2.21.56. This affects an unknown part of the file C:\Program Files (x86)\Intelbras\Incontrol Cliente\incontrol_webcam\incontrol-service-watchdog.exe. The manipulation leads to unquoted search path. It is possible to launch the attack on the local host. Upgrading to version 2.21.58 is able to address this issue. It is recommended to upgrade the affected component. The vendor was informed early on 2024-08-05 about this issue. The release of a fixed version 2.21.58 was announced for the end of August 2024 but then was postponed until 2024-09-20.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

未经引用的搜索路径或元素

Intelbras InControl 代码问题漏洞

Intelbras InControl是Intelbras公司的一款访问控制管理软件，它允许用户轻松管理任何使用访问控制设备的入口和出口流量。 Intelbras InControl 2.21.56版本之前存在代码问题漏洞，该漏洞源于incontrol-service-watchdog.exe文件包含一个问题。

N/A

N/A