CVE-2021-46443

Name of the Vulnerable Software and Affected Versions Spoofer version 1.4.6

Description The issue allows an attacker with low privileges to escalate privileges by hijacking the execution flow of the application. This can be achieved by inserting a malicious executable in a higher-level directory with the vulnerable path.

Recommendations For Spoofer version 1.4.6, consider quoting the service paths to prevent malicious executables from being inserted in higher-level directories. As a temporary workaround, restrict access to the vulnerable service paths to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.