216.73.217.172

CVE-2021-47889

· Published 23/01/2026 17:15 · Modified 23/01/2026 17:15

Labels: CVE-2021-47889 2026-01-23CVE-2021-47889CWE-428[email protected]

Essential information

Published
23/01/2026 17:15
Modified
23/01/2026 17:15
Author
Creator
CVSS
8.5 HIGH (v3) 8.5 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Softros LAN Messenger 9.6.4 contains an unquoted service path vulnerability in the SoftrosSpellChecker service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files (x86)\Softros Systems\Softros Messenger\Spell Checker\' to inject malicious executables and escalate privileges.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
softros systems / softros lan messenger cpe:2.3:a:softros_systems:softros_lan_messenger:9.6.4:*:*:*:*:*:*:*

References