Remote Mouse 4.002 - Unquoted Service Path | Advisories

Advisories

Remote Mouse 4.002 - Unquoted Service Path

severity: high
date: January 15, 2026
Affecting: Remote Mouse Remote Mouse 3.008 & 4.002
CVE: CVE-2021-47792
CWE: CWE-428 Unquoted Search Path or Element
CVSS: 8.5
CVSS V4 Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
References: ExploitDB-50258
Official Vendor Homepage
Credit: Salman Asad (@deathflash1411) a.k.a LeoBreaker
Description: Remote Mouse 4.002 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path in the RemoteMouseService to inject malicious executables and gain administrative access.