CVE-2025-4540

A vulnerability was found in MTSoftware C-Lodop 6.6.1.1 on Windows. It has been rated as critical. This issue affects some unknown processing of the component CLodopPrintService. The manipulation leads to unquoted search path. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 6.6.13 is able to address this issue. It is recommended to upgrade the affected component.
Configurations

No configuration.

History

23 May 2025, 18:15

Type Values Removed Values Added
References
  • {'url': 'https://mega.nz/folder/A5lQQKpL#AF3WPzST3X1Ot6B6fs3bow', 'source': 'cna@vuldb.com'}
  • () https://0nightsedge0.github.io/2025/05/14/CVE-2025-4540-C-Lodop/ -
Summary (en) A vulnerability was found in MTSoftware C-Lodop 6.6.1.1. It has been rated as critical. This issue affects some unknown processing of the component CLodopPrintService. The manipulation leads to unquoted search path. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 6.6.13 is able to address this issue. It is recommended to upgrade the affected component. (en) A vulnerability was found in MTSoftware C-Lodop 6.6.1.1 on Windows. It has been rated as critical. This issue affects some unknown processing of the component CLodopPrintService. The manipulation leads to unquoted search path. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 6.6.13 is able to address this issue. It is recommended to upgrade the affected component.

12 May 2025, 13:15

Type Values Removed Values Added
References () https://vuldb.com/?submit.566789 - () https://vuldb.com/?submit.566789 -
Summary
  • (es) Se encontró una vulnerabilidad en MTSoftware C-Lodop 6.6.1.1. Se ha clasificado como crítica. Este problema afecta a un procesamiento desconocido del componente CLodopPrintService. La manipulación genera una ruta de búsqueda sin comillas. El ataque debe abordarse localmente. Es un ataque de complejidad bastante alta. Parece difícil de explotar. Se ha hecho público el exploit y puede que sea utilizado. Actualizar a la versión 6.6.13 puede solucionar este problema. Se recomienda actualizar el componente afectado.

11 May 2025, 16:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-05-11 16:15

Updated : 2025-05-23 18:15


NVD link : CVE-2025-4540

Mitre link : CVE-2025-4540

CVE.ORG link : CVE-2025-4540


JSON object : View

Products Affected

No product.

CWE
CWE-426

Untrusted Search Path

CWE-428

Unquoted Search Path or Element