Alan Mondragon

#8780of 53,633
31.2Total CVSS
Vulnerabilities · 4
High
4
PT-2026-3813
7.8
2026-01-21
Fspro · Event Log Explorer · CVE-2021-47861
**Name of the Vulnerable Software and Affected Versions** Event Log Explorer version 4.9.3 **Description** An unquoted service path issue allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit this by placing malicious executables in specific file system locations, which are then executed with LocalSystem account privileges during service startup. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2026-3818
7.8
2026-01-21
Honeywell · Win-Pack Pro · CVE-2021-47866
**Name of the Vulnerable Software and Affected Versions** WIN-PACK PRO version 4.8 **Description** The GuardTourService contains an unquoted service path in 'C:Program Files WINPAKPROWP GuardTour Service.exe'. This allows local users to inject malicious code that can be executed with elevated system privileges during the service startup. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2026-3819
7.8
2026-01-21
Jsecurity · Winpakpro · CVE-2021-47867
**Name of the Vulnerable Software and Affected Versions** WIN-PACK PRO version 4.8 **Description** The ScheduleService contains an unquoted service path. Local users can exploit the unquoted path in 'C:Program Files <x86>WINPAKPROScheduleService Service.exe' to inject malicious code, potentially leading to code execution with elevated system privileges during service startup. **Recommendations** As a temporary workaround, restrict access to the 'C:Program Files <x86>WINPAKPROScheduleService Service.exe' path to prevent unauthorized users from injecting malicious files.
PT-2026-3820
7.8
2026-01-21
Honeywell · Win-Pack Pro · CVE-2021-47868
**Name of the Vulnerable Software and Affected Versions** WIN-PACK PRO version 4.8 **Description** An unquoted service path exists in the WPCommandFileService. Local users can exploit the unquoted path in 'C:Program Files <x86>WINPAKPROWPCommandFileService Service.exe' to inject malicious code, which may then be executed with LocalSystem privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.