Primary

Context

Connectify Hotspot Unquoted Service Path Vulnerability in ConnectifyService Executable

Vulnerability

A vulnerability exists in Connectify Hotspot 2018 due to an unquoted service path in the ConnectifyService executable. This flaw allows local attackers to execute arbitrary code by exploiting the unquoted path in 'C:\Program Files (x86)\Connectify\ConnectifyService.exe'. Attackers could inject malicious executables to escalate privileges.

Impact

Exploitation of this vulnerability could lead to arbitrary code execution with elevated privileges.

Reproduction

The vulnerability can be reproduced by injecting a malicious executable into the unquoted service path of the ConnectifyService. Once the executable is injected, it can be executed to achieve arbitrary code execution with escalated privileges.

Added: Jan 14, 2026, 12:05 AM

Updated: Jan 14, 2026, 12:05 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

4.6

remediation

0.0

relevance

2.0

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

4.6

remediation

0.0

relevance

2.0

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Connectify Hotspot Unquoted Service Path Vulnerability in ConnectifyService Executable

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating