PT-2026-3285 · Unknown · Dhcp Broadband

Erick Galindo

Publicado

2026-01-16

Atualizado

2026-01-17

CVE-2021-47829

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions DHCP Broadband version 4.1.0.1503

Description The software contains an unquoted service path vulnerability in its service configuration. This allows local attackers to execute code with elevated privileges. The vulnerable path is located at 'C:Program FilesDHCP Broadband 4dhcpt.exe', enabling attackers to inject malicious code that executes during service startup with LocalSystem permissions.

Recommendations Apply appropriate quoting to the service path in the service configuration.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-428

Identificadores relacionados

CVE-2021-47829

Produtos afetados

Dhcp Broadband

PT-2026-3285 · Unknown · Dhcp Broadband

CVE-2021-47829

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6