CVE-2022-28999
HIGHDev-C++ v4.9.9.2 - Arbitrary Code Execution via Insecure Install Permissions
Title source: llmDescription
Insecure permissions in the install directories and binaries of Dev-CPP v4.9.9.2 allows attackers to execute arbitrary code via overwriting the binary devcpp.exe.
References (1)
Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://github.com/ycdxsb/Vuln/blob/main/Dev-Cpp-BloodShed-Incorrect-Install-Permission
Scores
CVSS v3
8.8
EPSS
0.0113
EPSS Percentile
62.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-276
Status
published
Products (1)
bloodshed/dev-c\+\+
4.9.9.2
Published
May 23, 2022
Tracked Since
Feb 18, 2026