High severity7.8OSV Advisory· Published Jan 31, 2018· Updated Jun 17, 2026
CVE-2018-6384
CVE-2018-6384
Description
Unquoted Windows search path vulnerability in NSClient++ before 0.4.1.73 allows non-privileged local users to execute arbitrary code with elevated privileges on the system via a malicious program.exe executable in the %SYSTEMDRIVE% folder.
Affected products
2- Range: <0.4.1.73
Patches
Vulnerability mechanics
References
2- www.on-x.com/sites/default/files/on-x_-_security_advisory_-_nsclient_-_cve-2018-6384.pdfnvdExploitThird Party Advisory
- nsclient.org/blog/2018/01/30/CVE-2018-6384-0.3.9/nvdVendor Advisory
News mentions
0No linked articles in our index yet.