CVE-2021-41066

Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 14/12/2021 Updated: 07/11/2023

CVSS v2 Base Score: 7.6 | Impact Score: 10 | Exploitability Score: 4.9

CVSS v3 Base Score: 7.5 | Impact Score: 5.9 | Exploitability Score: 1.6

VMScore: 676

Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

An issue exists in Listary up to and including 6. When Listary is configured as admin, Listary will not ask for permissions again if a user tries to access files on the system from Listary itself (it will bypass UAC protection; there is no privilege validation of the current user that runs via Listary).

Vulnerable Product	Search on Vulmon	Subscribe to Product
bopsoft listary

CWE-862 https://www.listary.com/download https://medium.com/%40tomerp_77017/exploiting-listary-searching-your-way-to-system-privileges-8175af676c3e https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-41066

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect