VYPR

CWE-427

Uncontrolled Search Path Element

BaseDraft

Description

The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-38 · CAPEC-471

CVEs mapped to this weakness (377)

page 7 of 19
  • CVE-2017-7836HigJun 11, 2018
    risk 0.51cvss 7.8epss 0.00

    The "pingsender" executable used by the Firefox Health Report dynamically loads a system copy of libcurl, which an attacker could replace. This allows for privilege escalation as the replaced libcurl code will run with Firefox's privileges. Note: This attack requires an attacker…

  • CVE-2018-4938HigMay 19, 2018
    risk 0.51cvss 7.8epss 0.01

    Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Insecure Library Loading vulnerability. Successful exploitation could lead to local privilege escalation.

  • CVE-2018-3649HigMay 10, 2018
    risk 0.51cvss 7.8epss 0.01

    DLL injection vulnerability in the installation executables (Autorun.exe and Setup.exe) for Intel's wireless drivers and related software in Intel Dual Band Wireless-AC, Tri-Band Wireless-AC and Wireless-AC family of products allows a local attacker to cause escalation of…

  • CVE-2017-5175HigMay 9, 2018
    risk 0.51cvss 7.8epss 0.02

    Advantech WebAccess 8.1 and earlier contains a DLL hijacking vulnerability which may allow an attacker to run a malicious DLL file within the search path resulting in execution of arbitrary code.

  • CVE-2017-14010HigApr 26, 2018
    risk 0.51cvss 7.8epss 0.02

    In SpiderControl MicroBrowser Windows XP, Vista 7, 8 and 10, Versions 1.6.30.144 and prior, an uncontrolled search path element vulnerability has been identified which could be exploited by placing a specially crafted DLL file in the search path. If the malicious DLL is loaded…

  • CVE-2018-6766HigMar 27, 2018
    risk 0.51cvss 7.8epss 0.01

    Swisscom TVMediaHelper 1.1.0.50 contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. This vulnerability exists due to the way .dll files are loaded. It allows an attacker to load a .dll of the attacker's…

  • CVE-2018-6765HigMar 27, 2018
    risk 0.51cvss 7.8epss 0.01

    Swisscom MySwisscomAssistant 2.17.1.1065 contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. This vulnerability exists due to the way .dll files are loaded. It allows an attacker to load a .dll of the…

  • CVE-2017-12314HigNov 16, 2017
    risk 0.51cvss 7.8epss 0.00

    A vulnerability in the Cisco FindIT Network Discovery Utility could allow an authenticated, local attacker to perform a DLL preloading attack, potentially causing a partial impact to the device availability, confidentiality, and integrity, aka Insecure Library Loading. The…

  • CVE-2017-14020HigNov 13, 2017
    risk 0.51cvss 7.8epss 0.01

    In AutomationDirect CLICK Programming Software (Part Number C0-PGMSW) Versions 2.10 and prior; C-More Programming Software (Part Number EA9-PGMSW) Versions 6.30 and prior; C-More Micro (Part Number EA-PGMSW) Versions 4.20.01.0 and prior; Do-more Designer Software (Part Number…

  • CVE-2017-14029HigNov 6, 2017
    risk 0.51cvss 7.8epss 0.01

    An Uncontrolled Search Path Element issue was discovered in Trihedral VTScada 11.3.03 and prior. The program will execute specially crafted malicious dll files placed on the target machine.

  • CVE-2017-14017HigOct 19, 2017
    risk 0.51cvss 7.8epss 0.01

    An Uncontrolled Search Path Element issue was discovered in Progea Movicon Version 11.5.1181 and prior. An uncontrolled search path element vulnerability has been identified, which may allow a remote attacker without privileges to execute arbitrary code in the form of a…

  • CVE-2017-13993HigOct 5, 2017
    risk 0.51cvss 7.8epss 0.02

    An Uncontrolled Search Path or Element issue was discovered in i-SENS SmartLog Diabetes Management Software, Version 2.4.0 and prior versions. An uncontrolled search path element vulnerability has been identified which could be exploited by placing a specially crafted DLL file…

  • CVE-2017-11158HigAug 31, 2017
    risk 0.51cvss 7.8epss 0.00

    Multiple untrusted search path vulnerabilities in the installer in Synology Cloud Station Drive before 4.2.5-4396 on Windows allow local attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or…

  • CVE-2017-12717HigAug 30, 2017
    risk 0.51cvss 7.8epss 0.02

    An Uncontrolled Search Path Element issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. A maliciously crafted dll file placed earlier in the search path may allow an attacker to execute code within the context of the application.

  • CVE-2017-11159HigAug 23, 2017
    risk 0.51cvss 7.8epss 0.00

    Multiple untrusted search path vulnerabilities in installer in Synology Photo Station Uploader before 1.4.2-084 on Windows allows local attackers to execute arbitrary code and conduct DLL hijacking attack via a Trojan horse (1) shfolder.dll, (2) ntmarta.dll, (3) secur32.dll or…

  • CVE-2017-13130HigAug 23, 2017
    risk 0.51cvss 7.8epss 0.00

    mcmnm in BMC Patrol allows local users to gain privileges via a crafted libmcmclnx.so file in the current working directory, because it is setuid root and the RPATH variable begins with the .: substring.

  • CVE-2017-6329HigAug 21, 2017
    risk 0.51cvss 7.8epss 0.01

    Symantec VIP Access for Desktop prior to 2.2.4 can be susceptible to a DLL Pre-Loading vulnerability. These types of issues occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Depending on how the application is…

  • CVE-2017-9648HigAug 14, 2017
    risk 0.51cvss 7.8epss 0.02

    An Uncontrolled Search Path Element issue was discovered in Solar Controls WATTConfig M Software Version 2.5.10.1 and prior. An uncontrolled search path element has been identified, which could allow an attacker to execute arbitrary code on a target system using a malicious DLL…

  • CVE-2017-9646HigAug 14, 2017
    risk 0.51cvss 7.8epss 0.02

    An Uncontrolled Search Path Element issue was discovered in Solar Controls Heating Control Downloader (HCDownloader) Version 1.0.1.15 and prior. An uncontrolled search path element has been identified, which could allow an attacker to execute arbitrary code on a target system…

  • CVE-2017-2288HigAug 2, 2017
    risk 0.51cvss 7.8epss 0.01

    Untrusted search path vulnerability in LhaForge Ver.1.6.5 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.