从这张网页截图中,我们可以获取到以下关于漏洞的关键信息: 漏洞标题: Bandwidth Monitor 3.9 - 'Svc10StrikeBandMonitor' Unquoted Service Path EDB-ID: 48591 CVE: N/A 作者: BOKU 类型: LOCAL 平台: WINDOWS 日期: 2020-06-16 是否有EDB验证: 无 漏洞描述: - 漏洞类型: Local Privilege Escalation to LocalSystem by Unquoted Service Path. - 详细描述: The 10-Strike Bandwidth Monitor v3.9 services "Svc10StrikeBandMonitor", "Svc10StrikeBMWD", and "Svc10StrikeBMAgent" suffer from an unquoted service path vulnerability. By tricking an administrator into installing a trojan in the unquoted service path, an attacker can escalate their privileges to LocalSystem. 测试环境: Windows 10 - Pro 1909 (x86) 版本: Version 3.9 供应商网站: https://www.10-strike.com/ 软件下载: https://www.10-strike.com/bandwidth-monitor/bandwidth-monitor.exe 以上信息可帮助安全研究人员和系统管理员更好地理解并修复该漏洞。