Description
Akamai NetSession 1.9.3.1 is vulnerable to DLL Hijacking: it tries to load CSUNSAPI.dll without supplying the complete path. The issue is aggravated because the mentioned DLL is missing from the installation, thus making it possible to hijack the DLL and subsequently inject code within the Akamai NetSession process space.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry x_refsource_misc
https://packetstormsecurity.com/files/140366/Akamai-NetSession-1.9.3.1-DLL-Hijacking.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/95995
Scores
CVSS v3
9.8
EPSS
0.0224
EPSS Percentile
80.7%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-94
Status
published
Products (1)
akamai/netsession
1.9.3.1
Published
Jan 23, 2017
Tracked Since
Feb 18, 2026