CVE-2021-47868

Publication date

2026-01-21 17:27:45

Family

VulnCheck

State

PUBLISHED

Description

WIN-PACK PRO 4.8 contains an unquoted service path vulnerability in the WPCommandFileService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:Program Files WINPAKPROWPCommandFileService Service.exe to inject malicious code that would execute with LocalSystem permissions.