CNNVD-202602-449 Information
CNNVD ID
CNNVD-202602-449
Related CVE
- CNNVD Published: 2026-02-03
Description (Chinese)
Flexense Disk Savvy Enterprise是Flexense公司的一个硬盘空间分析工具。 Flexense Disk Savvy Enterprise 12.3.18版本存在代码问题漏洞,该漏洞源于服务配置中存在未加引号的服务路径漏洞,攻击者可利用C:Program FilesDisk Savvy Enterpriseindisksvs.exe中的未加引号路径注入恶意可执行文件,可能导致权限提升。
Description (English)
Flexense Disk Savvy Enterprise is a hard drive spatial analysis tool for Flexense. Flexense Disk Savvy Enterprise 12.3.18 has a code problem loophole, which stems from service configurations with unquoted service paths that can be used by attackers to inject unquoted paths from C:Program FilesDisk Savvy Enterprisesvs.exe to maliciously enforceable documents, which may lead to increased authority.
Hazard Level
Medium
Vulnerability Type
代码问题
Affected Vendor
Flexense
Published
2026-02-03
Last Modified
2026-02-24
References
http://www.disksavvy.com https://www.exploit-db.com/exploits/48049 https://www.vulncheck.com/advisories/disk-savvy-enterprise-disksvsexe-unquoted-service-path
Patch
https://www.disksorter.com/downloads.html
Share on: