CVE-2023-4991

A vulnerability was found in NextBX QWAlerter 4.50. It has been rated as critical. Affected by this issue is some unknown functionality of the file QWAlerter.exe. The manipulation leads to unquoted search path. It is possible to launch the attack on the local host. The identifier of this vulnerability is VDB-239804. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References
Link Resource
https://vuldb.com/?ctiid.239804 Permissions Required Third Party Advisory
https://vuldb.com/?id.239804 Permissions Required Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:quescom:nextbx_qwalerter:4.50:*:*:*:*:*:*:*

History

20 Sep 2023, 18:10

Type Values Removed Values Added
First Time Quescom nextbx Qwalerter
Quescom
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.8
CPE cpe:2.3:a:quescom:nextbx_qwalerter:4.50:*:*:*:*:*:*:*
References (MISC) https://vuldb.com/?id.239804 - (MISC) https://vuldb.com/?id.239804 - Permissions Required, Third Party Advisory
References (MISC) https://vuldb.com/?ctiid.239804 - (MISC) https://vuldb.com/?ctiid.239804 - Permissions Required, Third Party Advisory

15 Sep 2023, 16:20

Type Values Removed Values Added
New CVE

Information

Published : 2023-09-15 16:15

Updated : 2024-05-17 02:31


NVD link : CVE-2023-4991

Mitre link : CVE-2023-4991

CVE.ORG link : CVE-2023-4991


JSON object : View

Products Affected

quescom

  • nextbx_qwalerter
CWE
CWE-428

Unquoted Search Path or Element