Unquoted Service CNTLM
Brought to you by:
mavey
Menu
▾
▴
#66 Unquoted Service CNTLM
Dear cntlm maintainers,
I am using CNTLM Version 0.92.3. There is a possible Unquoted Service Path Vulnerability in HKLM\SYSTEM\CurrentControlSet\services and path C:\Program Files (x86)\Cntlm\cygrunsrv.exe. This could potentially allow an authorized but non privileged local user to execute arbitrary code with elevated privileges on the system.