CNNVD-202602-007 Information

CNNVD ID

CNNVD-202602-007

Related CVE

CVE-2020-37048

• CNNVD Published: 2026-02-01

Description (Chinese)

Iskysoft Application Framework Service是美国Iskysoft公司的一个后台核心基础服务组件。 Iskysoft Application Framework Service 2.4.3.241版本存在代码问题漏洞，该漏洞源于服务路径未加引号，可能导致本地用户执行具有提升权限的任意代码。

Description (English)

Iskysoft Application Platform Service is a core basic service component of the backstage of IskySoft in the United States. The Iskysoft Application version 2.4.3.241 has a code loophole, which stems from the absence of quotation marks on the service path, which may lead local users to execute any code with enhanced permission.

Hazard Level

Medium

Vulnerability Type

代码问题

Affected Vendor

Iskysoft

Published

2026-02-01

Last Modified

2026-02-24

References

https://www.exploit-db.com/exploits/48171 https://www.iskysoft.us https://www.vulncheck.com/advisories/iskysoft-application-framework-service-isappservice-unquoted-service-path