CVE-2021-46368

HIGH

TRIGONE Remote System Monitor <3.61 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-46368. PoCs published by Yehia Elghaly.

AI-analyzed exploit summary This is a writeup detailing the discovery of an unquoted service path vulnerability in TRIGONE Remote System Monitor 3.61. It includes steps to identify the vulnerability using WMIC and SC commands but does not contain exploit code.

Description

TRIGONE Remote System Monitor 3.61 is vulnerable to an unquoted path service allowing local users to launch processes with elevated privileges.

Exploits (1)

exploitdb WRITEUP

by Yehia Elghaly · textlocalwindows

https://www.exploit-db.com/exploits/50633

View Code ZIP pw:eip

This is a writeup detailing the discovery of an unquoted service path vulnerability in TRIGONE Remote System Monitor 3.61. It includes steps to identify the vulnerability using WMIC and SC commands but does not contain exploit code.

Classification

Writeup 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: TRIGONE Remote System Monitor Server 3.61

Auth required

Prerequisites: Local access to the system · Ability to execute commands with sufficient privileges

MITRE ATT&CK

T1574.009 - Path Interception by Unquoted Path

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit, Third Party Advisory, VDB Entry x_refsource_misc

https://www.exploit-db.com/exploits/50633

Exploit, Third Party Advisory, VDB Entry x_refsource_misc

https://packetstormsecurity.com/files/165404/TRIGONE-Remote-System-Monitor-3.61-Unquoted-Service-Path.html

Scores

CVSS v3 7.8

EPSS 0.0040

EPSS Percentile 31.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-428

Status published

Products (1)

trigonesoft/remote_system_monitor 3.61

Published Feb 17, 2022

Tracked Since Feb 18, 2026