Erick Galindo

12 exploits Active since Jan 2026
CVE-2020-37251 EXPLOITDB HIGH text WRITEUP
RealTimes Desktop Service 18.1.4 Unquoted Service Path Privilege Escalation
RealTimes Desktop Service 18.1.4 contains an unquoted service path vulnerability in the rpdsvc.exe binary that allows local attackers to escalate privileges. Attackers can place malicious executables in unquoted path directories to execute arbitrary code with LocalSystem privileges during service startup or system reboot.
CVSS 7.8
CVE-2020-37250 EXPLOITDB HIGH text WRITEUP
TFTP Broadband 4.3.0.1465 Unquoted Service Path Privilege Escalation
TFTP Broadband 4.3.0.1465 contains an unquoted service path vulnerability in the tftpt.exe service binary that allows local attackers to execute arbitrary code with system privileges. Attackers can place a malicious executable in the Program Files directory path that will be executed during service startup or system reboot with LocalSystem privileges.
CVSS 7.8
CVE-2021-47845 EXPLOITDB HIGH text WRITEUP
Spy Emergency 25.0.650 - Privilege Escalation
Spy Emergency 25.0.650 contains an unquoted service path vulnerability in its Windows service configurations that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted file paths in SpyEmergencyHealth.exe and SpyEmergencySrv.exe to inject malicious code during system startup or service restart.
CVSS 7.8
CVE-2021-47833 EXPLOITDB HIGH text WRITEUP
WifiHotSpot 1.0.0.0 - Code Injection
WifiHotSpot 1.0.0.0 contains an unquoted service path vulnerability in its WifiHotSpotService.exe that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted path during system startup or reboot to inject and run malicious executables with LocalSystem permissions.
CVSS 7.8
CVE-2021-47831 EXPLOITDB HIGH python WORKING POC
Sandboxie 5.49.7 - Denial of Service via Container Folder Input Overflow
Sandboxie 5.49.7 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the container folder input field. Attackers can paste a large buffer of repeated characters into the Sandbox container folder setting to trigger an application crash.
CVSS 7.5
CVE-2021-47829 EXPLOITDB HIGH text WRITEUP
DHCP Broadband 4.1.0.1503 - Code Injection
DHCP Broadband 4.1.0.1503 contains an unquoted service path vulnerability in its service configuration that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted path in 'C:\Program Files\DHCP Broadband 4\dhcpt.exe' to inject malicious code that will execute during service startup with LocalSystem permissions.
CVSS 7.8
CVE-2021-47828 EXPLOITDB HIGH text WRITEUP
BOOTP Turbo <2.0.0.1253 - Code Injection
BOOTP Turbo 2.0.0.1253 contains an unquoted service path vulnerability in its Windows service configuration. Attackers can exploit the unquoted path to execute arbitrary code with elevated LocalSystem privileges during system startup or reboot.
CVSS 7.8
CVE-2021-47822 EXPLOITDB HIGH text WRITEUP
DiskBoss Service 12.2.18 - Privilege Escalation
DiskBoss Service 12.2.18 contains an unquoted service path vulnerability in its binary path configuration that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted path by placing malicious executables in potential path locations to gain system-level access during service startup.
CVSS 7.8
CVE-2021-47815 EXPLOITDB HIGH python WORKING POC
Nsauditor 3.2.3 - Denial of Service via Registration Key Input Buffer Overflow
Nsauditor 3.2.3 contains a denial of service vulnerability in the registration code input field that allows attackers to crash the application. Attackers can paste a large buffer of 256 repeated characters into the 'Key' field to trigger an application crash.
CVSS 7.5
CVE-2021-47814 EXPLOITDB HIGH python WORKING POC
NBMonitor 1.6.8 - Denial of Service via Registration Code Input Overflow
NBMonitor 1.6.8 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the registration code input field. Attackers can paste a 256-character buffer into the registration key field to trigger an application crash and potential system instability.
CVSS 7.5
CVE-2021-47813 EXPLOITDB HIGH python WORKING POC
Backup Key Recovery 2.2.7 - Denial of Service via Registration Code Input Overflow
Backup Key Recovery 2.2.7 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the registration code input field. Attackers can paste a large buffer of 256 repeated characters into the registration key field to trigger application instability and potential crash.
CVSS 7.5
EIP-2026-117890 EXPLOITDB text WRITEUP
Sandboxie Plus 0.7.4 - 'SbieSvc' Unquoted Service Path