CVE-2019-25286

Name of the Vulnerable Software and Affected Versions GCafé version 3.0

Description GCafé 3.0 contains an unquoted service path vulnerability in the gbClientService. This allows local attackers to potentially execute arbitrary code with elevated privileges. The issue stems from an unquoted path in the service configuration, enabling attackers to inject malicious executables that run with LocalSystem permissions.

Recommendations Ensure the service path for gbClientService is properly quoted to prevent the execution of unauthorized code.