PT-2024-22281 · Easyrange · Easyrange
Published: 2024-03-26 · Updated: 2024-08-02
CVE-2024-28131
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
EasyRange Ver 1.41
Description
EasyRange Ver 1.41 has an issue with the executable file search path it uses when displaying an extracted file in Explorer: an executable file that resides in the same folder as the extracted file may be loaded. If this issue is exploited, arbitrary code may be executed with the privileges of the running program. The developer was unreachable, and users should consider stopping the use of EasyRange Ver 1.41.
Recommendations
Consider stopping the use of EasyRange Ver 1.41, as the developer is unreachable and no fix is available. As a temporary workaround, consider restricting access to the executable file search path to minimize the risk of exploitation, and avoid using EasyRange Ver 1.41 to display extracted files in Explorer until a fix is available. At the moment, there is no information about a newer version that contains a fix for this issue.
Weakness Enumeration
Uncontrolled Search Path Element
Related Identifiers
Affected Products
Easyrange