CVE-2020-36930

High CVSS: 8.5

SysGauge Server 7.9.18 contains an unquoted service path vulnerability in its binary path configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\SysGauge Server\bin\sysgaus.exe' to inject malicious executables and escalate privileges.

Vendor

Flexense

Product

Sysgauge

CWE

CWE-428

Yayın Tarihi

2026-01-16 00:16:20

Güncelleme

2026-02-09 15:01:00

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-428 Sysgauge HIGH Flexense 2026

Referanslar

https://www.exploit-db.com/exploits/50009 https://www.sysgauge.com https://www.vulncheck.com/advisories/sysgauge-sysgauge-server-unquoted-service-path https://www.exploit-db.com/exploits/50009

Benzer Kayıtlar

High

CVE-2020-37100

Sync Breeze Enterprise 12.4.18 contains an unquoted service path vulnerability that allows local attackers to execute ar…

High

CVE-2025-59895

Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a remote denial-of-service (DoS) vulne…

Medium

CVE-2025-59896

Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a persistent authenticated Cross-Site…

Medium

CVE-2025-59897

Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a persistent authenticated Cross-Site…

Medium

CVE-2025-59898

Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a persistent authenticated Cross-Site…

Medium

CVE-2025-59899

Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a persistent authenticated Cross-Site…