CVE-2021-43457

HIGH

bVPN 2.5.1 - Unquoted Service Path in waselvpnserv

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-43457. PoCs published by Mohammed Alshehri.

AI-analyzed exploit summary This exploit describes an unquoted service path vulnerability in bVPN 2.5.1, where the service path contains spaces and is not enclosed in quotes, potentially allowing privilege escalation via executable placement in the path.

Description

An Unquoted Service Path vulnerability exists in bVPN 2.5.1 via a specially crafted file in the waselvpnserv service path.

Exploits (1)

exploitdb WRITEUP

by Mohammed Alshehri · textlocalwindows

https://www.exploit-db.com/exploits/49632

View Code ZIP pw:eip

This exploit describes an unquoted service path vulnerability in bVPN 2.5.1, where the service path contains spaces and is not enclosed in quotes, potentially allowing privilege escalation via executable placement in the path.

Classification

Writeup 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: bVPN 2.5.1

Auth required

Prerequisites: Local access to the system · Ability to write to the root of C: or another directory in the unquoted path

MITRE ATT&CK

T1574.009 - Path Interception by Unquoted Path

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Third Party Advisory x_refsource_misc

https://github.com/M507/Miner

Third Party Advisory, VDB Entry x_refsource_misc

https://www.exploit-db.com/exploits/49632

Third Party Advisory, VDB Entry x_refsource_misc

https://exchange.xforce.ibmcloud.com/vulnerabilities/197938

Scores

CVSS v3 7.8

EPSS 0.0031

EPSS Percentile 21.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-428

Status published

Products (1)

bvpn/bvpn 2.5.1

Published Apr 04, 2022

Tracked Since Feb 18, 2026