Vulnerabilities > Controlup

DATE	CVE	VULNERABILITY TITLE	RISK
2022-04-27	CVE-2022-27905	Unquoted Search Path or Element vulnerability in Controlup In ControlUp Real-Time Agent before 8.6, an unquoted path can result in privilege escalation. network low complexity controlup CWE-428	7.2
2022-01-04	CVE-2021-45912	OS Command Injection vulnerability in Controlup Real-Time Agent An unauthenticated Named Pipe channel in Controlup Real-Time Agent (cuAgent.exe) before 8.5 potentially allows an attacker to run OS commands via the ProcessActionRequest WCF method. local low complexity controlup CWE-78	7.8
2022-01-04	CVE-2021-45913	Use of Hard-coded Credentials vulnerability in Controlup Agent A hardcoded key in ControlUp Real-Time Agent (cuAgent.exe) before 8.2.5 may allow a potential attacker to run OS commands via a WCF channel. network low complexity controlup CWE-798	7.2

Vulnerabilities > Controlup {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Controlup"}]}