CVE-2021-47868 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

WIN-PACK PRO 4.8 contains an unquoted service path vulnerability in the WPCommandFileService that allows local users to potentially execute code with elevated p…
High CVSS: 8.5

CVE-2021-47868

WIN-PACK PRO 4.8 contains an unquoted service path vulnerability in the WPCommandFileService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files <x86>\WINPAKPRO\WPCommandFileService Service.exe to inject malicious code that would execute with LocalSystem permissions.
Vendor
-
Product
-
CWE
CWE-428
Yayın Tarihi
2026-01-21 18:16:19
Güncelleme
2026-01-26 15:04:59
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-

Kategoriler

CWE-428 HIGH 2026

Referanslar

https://www.exploit-db.com/exploits/49692 https://www.security.honeywell.com/product-repository/winpak https://www.vulncheck.com/advisories/win-pack-pro-wpcommandfileservice-unquoted-service-path