A vulnerability was found in NextBX QWAlerter 4.50. It has been rated as critical. Affected by this issue is some unknown functionality of the file QWAlerter.exe. The manipulation leads to unquoted search path. It is possible to launch the attack on the local host. The identifier of this vulnerability is VDB-239804. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References
Link | Resource |
---|---|
https://vuldb.com/?ctiid.239804 | Permissions Required Third Party Advisory |
https://vuldb.com/?id.239804 | Permissions Required Third Party Advisory |
Configurations
History
20 Sep 2023, 18:10
Type | Values Removed | Values Added |
---|---|---|
First Time |
Quescom nextbx Qwalerter
Quescom |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
CPE | cpe:2.3:a:quescom:nextbx_qwalerter:4.50:*:*:*:*:*:*:* | |
References | (MISC) https://vuldb.com/?id.239804 - Permissions Required, Third Party Advisory | |
References | (MISC) https://vuldb.com/?ctiid.239804 - Permissions Required, Third Party Advisory |
15 Sep 2023, 16:20
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-09-15 16:15
Updated : 2024-05-17 02:31
NVD link : CVE-2023-4991
Mitre link : CVE-2023-4991
CVE.ORG link : CVE-2023-4991
JSON object : View
Products Affected
quescom
- nextbx_qwalerter
CWE
CWE-428
Unquoted Search Path or Element