CVE-2022-33035

HIGH

XLPD <7.0.0094 - Privilege Escalation

Title source: llm

Description

XLPD v7.0.0094 and below contains an unquoted service path vulnerability which allows local users to launch processes with elevated privileges.

References (2)

Scores

CVSS v3 7.8
EPSS 0.0004
EPSS Percentile 10.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE
CWE-427
Status published

Affected Products (1)

netsarang/xlpd < 7.0.0103

Timeline

Published Jun 29, 2022
Tracked Since Feb 18, 2026