CNNVD-202602-884 Information
Feb 05, 2026
cve
CNNVD ID
CNNVD-202602-884
Related CVE
- CNNVD Published: 2026-02-05
Description (Chinese)
Shrew Soft VPN Client是Shrew Soft公司的一个IPsec VPN客户端软件。 Shrew Soft VPN Client 2.2.2版本存在代码问题漏洞,该漏洞源于未加引号的服务路径,可能导致本地用户执行任意代码并提升系统权限。
Description (English)
Shrew Soft VPN Clinic is an IPsec VPN client of Shrew Soft. There is a code gap in version 2.2.2 of Shrew Soft VPN Clinic, which stems from service paths without quotation marks, which may lead local users to enforce any code and enhance system privileges.
Hazard Level
Medium
Vulnerability Type
代码问题
Affected Vendor
Shrew Soft
Published
2026-02-05
Last Modified
2026-02-24
References
https://www.exploit-db.com/exploits/47660 https://www.shrew.net https://www.vulncheck.com/advisories/shrew-soft-vpn-client-iked-unquoted-service-path
Share on: