VYPR

CWE-428

Unquoted Search Path or Element

BaseDraft

Description

The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.

If a malicious individual has access to the file system, it is possible to elevate privileges by inserting such a file as "C:\Program.exe" to be run by a privileged program making use of WinExec.

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (233)

page 1 of 12
  • CVE-2022-50935CriJan 13, 2026
    risk 0.64cvss 9.8epss 0.00

    Flame II HSPA USB Modem contains an unquoted service path vulnerability in its Windows service configuration. Attackers can exploit the unquoted path in 'C:\Program Files (x86)\Internet Telcel\ApplicationController.exe' to execute arbitrary code with elevated system privileges.

  • CVE-2025-8070CriJul 23, 2025
    risk 0.60cvss epss 0.00

    The Windows service configuration of ABP and AES contains an unquoted ImagePath registry value vulnerability. This allows a local attacker to execute arbitrary code by placing a malicious executable in a predictable location such as C:\Program.exe. If the service runs with…

  • CVE-2024-58288HigDec 11, 2025
    risk 0.57cvss epss 0.00

    Genexus Protection Server 9.7.2.10 contains an unquoted service path vulnerability in the protsrvservice Windows service configuration. Attackers can exploit the unquoted binary path to execute arbitrary code with elevated LocalSystem privileges by placing malicious executables…

  • CVE-2025-12507HigOct 31, 2025
    risk 0.57cvss 8.8epss 0.00

    The service Bizerba Communication Server (BCS) has an unquoted service path. Due to the way Windows searches the executable for the BCS service, malicious programs can be executed.

  • CVE-2016-5793HigSep 24, 2016
    risk 0.57cvss 8.8epss 0.00

    Unquoted Windows search path vulnerability in Moxa Active OPC Server before 2.4.19 allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory.

  • CVE-2023-54338HigJan 13, 2026
    risk 0.55cvss 8.4epss 0.00

    Tftpd32 SE 4.60 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious executables that will be run with…

  • CVE-2023-54336HigJan 13, 2026
    risk 0.55cvss 8.4epss 0.00

    Mediconta 3.7.27 contains an unquoted service path vulnerability in the servermedicontservice that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\medicont3\ to inject malicious code that…

  • CVE-2023-53984HigJan 13, 2026
    risk 0.55cvss 8.4epss 0.00

    Clevo HotKey Clipboard 2.1.0.6 contains an unquoted service path vulnerability in the HKClipSvc service that allows local non-privileged users to potentially execute code with system privileges. Attackers can exploit the misconfigured service path to inject and execute arbitrary…

  • CVE-2022-50938HigJan 13, 2026
    risk 0.55cvss 8.4epss 0.00

    CONTPAQi AdminPAQ 14.0.0 contains an unquoted service path vulnerability in the AppKeyLicenseServer service running with LocalSystem privileges. Attackers can exploit the unquoted path to inject malicious code in the service binary path, potentially executing arbitrary code with…

  • CVE-2022-50930HigJan 13, 2026
    risk 0.55cvss 8.4epss 0.00

    Emerson PAC Machine Edition 9.80 contains an unquoted service path vulnerability in the TrapiServer service that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious code…

  • CVE-2022-50929HigJan 13, 2026
    risk 0.55cvss 8.4epss 0.00

    Connectify Hotspot 2018 contains an unquoted service path vulnerability in its ConnectifyService executable that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files (x86)\Connectify\ConnectifyService.exe' to…

  • CVE-2022-50924HigJan 13, 2026
    risk 0.55cvss 8.4epss 0.00

    Private Internet Access 3.3 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious code that would…

  • CVE-2022-50920HigJan 13, 2026
    risk 0.55cvss 8.4epss 0.00

    Sandboxie-Plus 5.50.2 contains an unquoted service path vulnerability in the SbieSvc Windows service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be run with…

  • CVE-2022-50918HigJan 13, 2026
    risk 0.55cvss 8.4epss 0.00

    VIVE Runtime Service 1.0.0.4 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path by placing malicious executables in specific system directories to gain…

  • CVE-2022-50914HigJan 13, 2026
    risk 0.55cvss 8.4epss 0.00

    EaseUS Data Recovery 15.1.0.0 contains an unquoted service path vulnerability in the EaseUS UPDATE SERVICE executable. Attackers can exploit the unquoted path to inject and execute malicious code with elevated LocalSystem privileges.

  • CVE-2022-50913HigJan 13, 2026
    risk 0.55cvss 8.4epss 0.00

    ITeC ITeCProteccioAppServer contains an unquoted service path vulnerability that allows local attackers to execute code with elevated system privileges. Attackers can insert a malicious executable in the service path to gain elevated access during service restart or system…

  • CVE-2022-50904HigJan 13, 2026
    risk 0.55cvss 8.4epss 0.00

    Wondershare UBackit 2.0.5 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted path in the wsbackup service to inject malicious executables that would run…

  • CVE-2022-50693HigJan 13, 2026
    risk 0.55cvss 8.4epss 0.00

    Splashtop 8.71.12001.0 contains an unquoted service path vulnerability in the Splashtop Software Updater Service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files (x86)\Splashtop\Splashtop Software…

  • CVE-2019-25231HigJan 8, 2026
    risk 0.55cvss 8.4epss 0.00

    devolo dLAN Cockpit 4.3.1 contains an unquoted service path vulnerability in the 'DevoloNetworkService' that allows local non-privileged users to potentially execute arbitrary code. Attackers can exploit the insecure service path configuration by inserting malicious code in the…

  • CVE-2020-36903HigDec 31, 2025
    risk 0.55cvss 8.4epss 0.00

    Selea CarPlateServer 4.0.1.6 contains an unquoted service path vulnerability in the Windows service configuration that allows local users to potentially execute code with elevated privileges. Attackers can exploit the service's unquoted binary path by inserting malicious code in…