Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    2 vulnerabilities by Tenaxsoft

    CVE-2019-25272 (GCVE-0-2019-25272)

    Vulnerability from cvelistv5 – Published: 2026-02-04 23:15 – Updated: 2026-02-06 20:31
    VLAI
    Title
    TexasSoft CyberPlanet 6.4.131 - 'CCSrvProxy' Unquoted Service Path
    Summary
    TexasSoft CyberPlanet 6.4.131 contains an unquoted service path vulnerability in the CCSrvProxy service that allows local attackers to execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files (x86)\TenaxSoft\CyberPlanet\SrvProxy.exe' to inject malicious executables and gain elevated system privileges.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-428 - Unquoted Search Path or Element
    Assigner
    Impacted products
    Date Public
    2019-11-28 00:00
    Credits
    Cristian Ayala G
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2019-25272",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-06T20:31:03.796988Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-06T20:31:11.611Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "TexasSoft CyberPlanet",
              "vendor": "Tenaxsoft",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.4.131"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Cristian Ayala G"
            }
          ],
          "datePublic": "2019-11-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "TexasSoft CyberPlanet 6.4.131 contains an unquoted service path vulnerability in the CCSrvProxy service that allows local attackers to execute arbitrary code. Attackers can exploit the unquoted path in \u0027C:\\Program Files (x86)\\TenaxSoft\\CyberPlanet\\SrvProxy.exe\u0027 to inject malicious executables and gain elevated system privileges."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-428",
                  "description": "Unquoted Search Path or Element",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-04T23:15:50.027Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "ExploitDB-47724",
              "tags": [
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/47724"
            },
            {
              "name": "Vendor Homepage",
              "tags": [
                "product"
              ],
              "url": "https://tenaxsoft.com/index.html"
            },
            {
              "name": "VulnCheck Advisory: TexasSoft CyberPlanet 6.4.131 - \u0027CCSrvProxy\u0027 Unquoted Service Path",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/texassoft-cyberplanet-ccsrvproxy-unquoted-service-path"
            }
          ],
          "title": "TexasSoft CyberPlanet 6.4.131 - \u0027CCSrvProxy\u0027 Unquoted Service Path",
          "x_generator": {
            "engine": "vulncheck"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2019-25272",
        "datePublished": "2026-02-04T23:15:50.027Z",
        "dateReserved": "2026-01-06T16:07:08.525Z",
        "dateUpdated": "2026-02-06T20:31:11.611Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2019-25272 (GCVE-0-2019-25272)

    Vulnerability from nvd – Published: 2026-02-04 23:15 – Updated: 2026-02-06 20:31
    VLAI
    Title
    TexasSoft CyberPlanet 6.4.131 - 'CCSrvProxy' Unquoted Service Path
    Summary
    TexasSoft CyberPlanet 6.4.131 contains an unquoted service path vulnerability in the CCSrvProxy service that allows local attackers to execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files (x86)\TenaxSoft\CyberPlanet\SrvProxy.exe' to inject malicious executables and gain elevated system privileges.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-428 - Unquoted Search Path or Element
    Assigner
    Impacted products
    Date Public
    2019-11-28 00:00
    Credits
    Cristian Ayala G
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2019-25272",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-06T20:31:03.796988Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-06T20:31:11.611Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "TexasSoft CyberPlanet",
              "vendor": "Tenaxsoft",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.4.131"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Cristian Ayala G"
            }
          ],
          "datePublic": "2019-11-28T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "TexasSoft CyberPlanet 6.4.131 contains an unquoted service path vulnerability in the CCSrvProxy service that allows local attackers to execute arbitrary code. Attackers can exploit the unquoted path in \u0027C:\\Program Files (x86)\\TenaxSoft\\CyberPlanet\\SrvProxy.exe\u0027 to inject malicious executables and gain elevated system privileges."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "LOCAL",
                "baseScore": 8.5,
                "baseSeverity": "HIGH",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "LOW",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "HIGH",
                "vulnConfidentialityImpact": "HIGH",
                "vulnIntegrityImpact": "HIGH",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS"
            },
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-428",
                  "description": "Unquoted Search Path or Element",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-02-04T23:15:50.027Z",
            "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
            "shortName": "VulnCheck"
          },
          "references": [
            {
              "name": "ExploitDB-47724",
              "tags": [
                "exploit"
              ],
              "url": "https://www.exploit-db.com/exploits/47724"
            },
            {
              "name": "Vendor Homepage",
              "tags": [
                "product"
              ],
              "url": "https://tenaxsoft.com/index.html"
            },
            {
              "name": "VulnCheck Advisory: TexasSoft CyberPlanet 6.4.131 - \u0027CCSrvProxy\u0027 Unquoted Service Path",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://www.vulncheck.com/advisories/texassoft-cyberplanet-ccsrvproxy-unquoted-service-path"
            }
          ],
          "title": "TexasSoft CyberPlanet 6.4.131 - \u0027CCSrvProxy\u0027 Unquoted Service Path",
          "x_generator": {
            "engine": "vulncheck"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "assignerShortName": "VulnCheck",
        "cveId": "CVE-2019-25272",
        "datePublished": "2026-02-04T23:15:50.027Z",
        "dateReserved": "2026-01-06T16:07:08.525Z",
        "dateUpdated": "2026-02-06T20:31:11.611Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }