Primary

Context

Weird Solutions DHCP Turbo Unquoted Service Path Vulnerability Allowing Arbitrary Code Execution

Vulnerability

A vulnerability exists in Weird Solutions DHCP Turbo version 4.61298 due to an unquoted service path. This flaw allows local attackers to execute arbitrary code by exploiting the service binary path. Attackers can place malicious executables in the service path, potentially gaining elevated privileges when the service is started.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of code with elevated privileges.

Reproduction

The vulnerability can be reproduced by placing a malicious executable in the unquoted service path of the DHCP Turbo 4.61298 application. Once the executable is in place, starting the service will execute the malicious payload with elevated privileges.

Added: Feb 1, 2026, 3:18 PM

Updated: Feb 1, 2026, 3:18 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.2

remediation

0.0

relevance

2.4

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.2

remediation

0.0

relevance

2.4

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Weird Solutions DHCP Turbo Unquoted Service Path Vulnerability Allowing Arbitrary Code Execution

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating