CVE-2024-1186

LOW

Munsoft Easy Archive Recovery - Improper Resource Release

Title source: rule

Description

A vulnerability classified as problematic was found in Munsoft Easy Archive Recovery 2.0. This vulnerability affects unknown code of the component Registration Key Handler. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252676. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Exploits (1)

exploitdb WORKING POC

by Ihsan Sencan · pythondoswindows_x86-64

https://www.exploit-db.com/exploits/45884

View Code ZIP pw:eip

References (4)

[Permissions Required] https://vuldb.com/?id.252676

[Permissions Required] https://vuldb.com/?ctiid.252676

[Exploit] https://fitoxs.com/vuldb/12-exploit-perl.txt

[Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/45884

Scores

CVSS v3 3.3

EPSS 0.0004

EPSS Percentile 12.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-404

Status published

Products (1)

munsoft/easy_archive_recovery 2.0

Published Feb 02, 2024

Tracked Since Feb 18, 2026