Vulnerability Description
Quick 'n Easy FTP Service 3.2 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code during service startup. Attackers can exploit the misconfigured service binary path to inject malicious executables with elevated LocalSystem privileges during system boot or service restart.
CVSS Score
HIGH
Related Weaknesses (CWE)
References
- https://www.exploit-db.com/exploits/48983
- https://www.pablosoftwaresolutions.com/download.php?id=10
- https://www.pablosoftwaresolutions.com/html/quick__n_easy_ftp_service.html
- https://www.vulncheck.com/advisories/quick-n-easy-ftp-service-unquoted-service-p
FAQ
What is CVE-2020-36983?
CVE-2020-36983 is a vulnerability with a CVSS score of 7.8 (HIGH). Quick 'n Easy FTP Service 3.2 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code during service startup. Attackers can exploit the misconfigured serv...
How severe is CVE-2020-36983?
CVE-2020-36983 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-36983?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.