10-Strike: Security Vulnerabilities
10-Strike Network Inventory Explorer Pro 9.31 contains an unquoted service path vulnerability in the srvInventoryWebServer service running with LocalSystem privileges. Attackers can exploit the unquoted path by placing malicious executables in potential path segments to achieve privilege escalation and execute code with system-level permissions.
CVSS Score
8.5
EPSS Score
0.0
Published
2026-01-15
10-Strike Network Inventory Explorer Pro 9.31 contains a buffer overflow vulnerability in the text file import functionality that allows remote code execution. Attackers can craft a malicious text file with carefully constructed payload to trigger a reverse shell and execute arbitrary code on the target system.
CVSS Score
8.4
EPSS Score
0.001
Published
2026-01-15
10-Strike Network Inventory Explorer v9.3 was discovered to contain a buffer overflow via the Add Computers function.
CVSS Score
9.8
EPSS Score
0.008
Published
2022-09-23
Free Photo Viewer 1.3 allows remote attackers to execute arbitrary code via a crafted BMP and/or TIFF file that triggers a malformed SEH, as demonstrated by a 0012ECB4 FreePhot.00425642 42200008 corrupt entry.
CVSS Score
7.8
EPSS Score
0.018
Published
2019-11-30
Unquoted Windows search path vulnerability in the srvInventoryWebServer service in 10-Strike Network Monitor 5.4 allows local users to gain privileges via a malicious artefact.
CVSS Score
7.8
EPSS Score
0.001
Published
2018-03-12