CVE-2020-17381
Description
An issue was discovered in Ghisler Total Commander 9.51. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the %SYSTEMDRIVE%otalcmdTOTALCMD64.EXE binary.
Risk Information
Base Score
7.3
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.047
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2007-4463,CVE-2007-4464,CVE-2020-17381 are affected in Total Commander (x64) 9.51 | Windows |
| Vulnerabilities CVE-2007-4463,CVE-2007-4464,CVE-2020-17381 are affected in Total Commander 9.51 | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-336337 | Total Commander (x64) (11.03) |
| PATCH-336336 | Total Commander (11.03) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234