CVE
– pending –
Vulnerable software
PlugFree Network Version <= 7.3.0.3
Vulnerability
An unquoted service path allows a possible extension of rights at the system level.
Timeline
- 28.10.2021 Manufacturer informed
- 22.11.2021 Manufacturer contacted again
- 10.12.2021 Public tweet to the manufacturer
- 19.12.2021 Manufacturer contacted again
- No reaction