Unquoted path or search item vulnerability in SugarSync versions prior to 4.1.3 for Windows. This misconfiguration could allow an unauthorized local user to inject arbitrary code into the unquoted service path, resulting in privilege escalation.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: INCIBE
Published: 2024-05-03T10:52:25.899Z
Updated: 2024-08-01T20:40:47.107Z
Reserved: 2024-05-03T07:06:22.294Z
Link: CVE-2024-4461
Vulnrichment
Updated: 2024-08-01T20:40:47.107Z
NVD
Status : Awaiting Analysis
Published: 2024-05-03T11:15:22.630
Modified: 2024-11-21T09:42:52.430
Link: CVE-2024-4461
Redhat
No data.