Hubstaff 1.6.14 DLL Search Order Hijacking via wow64log Library

Advisories

Hubstaff 1.6.14 DLL Search Order Hijacking via wow64log Library

severity: high
date: 12/18/2025
Affecting: Hubstaff 1.6.13, 1.6.14
CVE: CVE-2023-53937
CWE: CWE-427 Uncontrolled Search Path Element
CVSS: 8.5
CVSS V4 Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
References: ExploitDB-51461
Official Product Homepage
Credit: Ahsan Azad
Description: Hubstaff 1.6.14 contains a DLL search order hijacking vulnerability that allows attackers to replace a missing system32 wow64log.dll with a malicious library. Attackers can generate a custom DLL using Metasploit and place it in the system32 directory to obtain a reverse shell during application startup.

Ready to get Started?

Explore VulnCheck, a next-generation Cyber Threat Intelligence platform, which provides exploit and vulnerability intelligence to help you prioritize and remediate vulnerabilities that matter.

Vulnerability Prioritization
Prioritize vulnerabilities that matter based on the threat landscape and defer vulnerabilities that don't.
Early Warning System
Real-time alerting of changes in the vulnerability landscape so that you can take action before the attacks start.

Schedule a Demo