CVE-2021-47886
Unknown Unknown - Not Provided
Unquoted Service Path in PingzapperSvc Enables Local Code Execution

Publication date: 2026-01-21

Last updated on: 2026-01-21

Assigner: VulnCheck

Description
Pingzapper 2.3.1 contains an unquoted service path vulnerability in the PingzapperSvc service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files (x86)\Pingzapper\PZService.exe' to inject malicious executables and escalate privileges.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-21
Last Modified
2026-01-21
Generated
2026-06-16
AI Q&A
2026-01-21
EPSS Evaluated
2026-06-15
NVD
CVE-2021-47886
EUVD
EUVD-2026-3617
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
fyrolabs pingzapper 2.3.1
fyrolabs pingzapper 3.1.7
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-428 The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2021-47886 is an unquoted service path vulnerability in Pingzapper version 2.3.1 affecting the PingzapperSvc service. The service executable path 'C:\Program Files (x86)\Pingzapper\PZService.exe' is unquoted despite containing spaces. This misconfiguration allows local attackers to place malicious executables in a path that Windows might execute with elevated privileges when the service starts, potentially leading to arbitrary code execution and privilege escalation. [2, 3]

Impact Analysis

This vulnerability can allow a local attacker to execute arbitrary code with elevated privileges on the affected system by exploiting the unquoted service path. This means an attacker could escalate their privileges and potentially take full control of the system, compromising confidentiality, integrity, and availability. [2, 3]

Detection Guidance

This vulnerability can be detected by checking for unquoted service paths in Windows services, specifically the 'PingzapperSvc' service. Commands such as 'wmic service get name,pathname,startmode | findstr /i "Auto"' can be used to list services with auto-start mode and their executable paths. Then, inspect the paths for unquoted strings containing spaces, like 'C:\Program Files (x86)\Pingzapper\PZService.exe'. Additionally, the 'sc qc PingzapperSvc' command can be used to query the configuration of the specific service to verify if the executable path is unquoted. [2]

Mitigation Strategies

Immediate mitigation steps include correcting the unquoted service path by enclosing the executable path in quotes to prevent Windows from misinterpreting the path and executing malicious files. Alternatively, updating Pingzapper to a version later than 2.3.1 (such as version 3.1.7) may resolve the issue if the vendor has patched the vulnerability. Restricting local user access to prevent unauthorized file placement in the affected directories can also reduce risk. [1, 2, 3]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2021-47886. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart