vendor:
Remote Mouse
by:
Salman Asad (@deathflash1411) a.k.a LeoBreaker
5.5
CVSS
MEDIUM
Unquoted Service Path
426
CWE
Product Name: Remote Mouse
Affected Version From: 3.008
Affected Version To: 4.002
Patch Exists: NO
Related CWE:
CPE: a:remotemouse:remotemouse:3.008
Platforms Tested: Windows
2021
Remote Mouse 4.002 – Unquoted Service Path
The Remote Mouse service in version 4.002 of the Remote Mouse software for Windows has an unquoted service path vulnerability. This vulnerability could allow an attacker to escalate privileges by placing a malicious executable in a higher directory in the system's PATH environment variable.
Mitigation:
To mitigate this vulnerability, the vendor should update the software to include quotes around the service path in the service configuration. Users should also ensure they are using the latest version of the software.