CVE-2019-25308

EUVD-2019-19451
Mikogo 5.2.2.150317 contains an unquoted service path vulnerability in the Mikogo-Service Windows service configuration. Attackers can exploit the unquoted path to inject and execute malicious code with LocalSystem privileges by placing executable files in specific path locations.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
mikogomikogo
5.2.150317
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://html.tucows.com/preview/518015/Mikogo?q=remote+support
https://www.exploit-db.com/exploits/47510
https://www.vulncheck.com/advisories/mikogo-mikogo-service-unquoted-service-path