CVE-2021-47886

Name of the Vulnerable Software and Affected Versions Pingzapper version 2.3.1

Description Pingzapper 2.3.1 contains an unquoted service path vulnerability in the PingzapperSvc service. This allows local attackers to potentially execute arbitrary code. The vulnerability exists due to an unquoted path in 'C:Program Files (x86)PingzapperPZService.exe', which enables attackers to inject malicious executables and escalate privileges.

Recommendations Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, consider modifying the service path to include quotes to prevent the execution of unauthorized files.