GHSA-478p-wq8m-rrr4HighCVSS 7.8

TFTP Broadband 4.3.0.1465 contains an unquoted service path vulnerability in the tftpt.exe...

Published
June 19, 2026
Last Modified
June 19, 2026

🔗 CVE IDs covered (1)

📋 Description

TFTP Broadband 4.3.0.1465 contains an unquoted service path vulnerability in the tftpt.exe service binary that allows local attackers to execute arbitrary code with system privileges. Attackers can place a malicious executable in the Program Files directory path that will be executed during service startup or system reboot with LocalSystem privileges.

🔗 References (5)