CVE-2019-25231
Unquoted Service Path in devolo dLAN Cockpit Enables Code Execution
Publication date: 2026-01-08
Last updated on: 2026-01-08
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| devolo | dlancockpit | 4.3.1 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-428 | The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability is an unquoted service path issue in the devolo dLAN Cockpit 4.3.1 software's Windows service named 'DevoloNetworkService.' Because the service executable path is not enclosed in quotes, a local non-privileged user can place a malicious executable in a directory that the system searches before the legitimate service executable. This malicious code can then be executed with elevated privileges during application startup or system reboot, potentially allowing the attacker to run arbitrary code with system-level privileges. [1, 2]
How can this vulnerability impact me? :
This vulnerability can lead to local privilege escalation, allowing an authorized but non-privileged user to execute arbitrary code with elevated (system-level) privileges. This means an attacker could gain higher-level access to the affected Windows system, potentially compromising the system's security and control. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking the service path of the 'DevoloNetworkService' for unquoted executable paths. On a Windows system, you can use the command: sc qc DevoloNetworkService to query the service configuration and inspect the BINARY_PATH_NAME for missing quotes around the executable path. If the path is unquoted and contains spaces, it is vulnerable to this issue. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, immediately enclose the service executable path in quotes to prevent the unquoted service path issue. Alternatively, restrict write permissions to directories in the service path to prevent unauthorized users from placing malicious executables. Additionally, monitor and remove any suspicious executables placed in the system root or service path directories. Applying updates or patches from the vendor, if available, is also recommended. [1, 2]