CNNVD-202601-4309 Information

CNNVD ID

CNNVD-202601-4309

Related CVE

CVE-2020-36935

• CNNVD Published: 2026-01-25

Description (Chinese)

KMSpico是KMSpico公司的一个Windows操作系统和Office软件破解工具。 KMSpico 17.1.0.0版本存在代码问题漏洞，该漏洞源于服务路径未加引号，可能导致执行任意代码。

Description (English)

KMSpico is a Windows operating system and Office software cracker for KMSpico. The KMSpico version 17.1.0.0 has a code gap, which stems from the lack of quotation marks on the service path, which may lead to the implementation of any code.

Hazard Level

Medium

Vulnerability Type

代码问题

Affected Vendor

KMSpico

Published

2026-01-25

Last Modified

2026-02-24

References

https://official-kmspico.com/ https://www.exploit-db.com/exploits/49003 https://www.vulncheck.com/advisories/kmspico-service-kmseldi-unquoted-service-path