top of page
perceptive_background_267k.jpg

DHCP Turbo 4.61298 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code by exploiting the service b…

Published:

31 January 2026 at 23:00:00

Alert date:

1 February 2026 at 16:03:01

Source:

nvd.nist.gov

Click to open the original link from this advisory

Network Infrastructure, Operating Systems

CVE-2020-37062 affects DHCP Turbo version 4.61298, containing an unquoted service path vulnerability. This flaw allows local attackers to execute arbitrary code by exploiting the service binary path. Attackers can place malicious executables in the service path to gain elevated privileges when the service starts. The vulnerability enables privilege escalation through a common Windows service misconfiguration. Local access is required for exploitation, but successful attacks result in elevated system privileges.

Technical details

Mitigation steps:

Affected products:

DHCP Turbo

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2020-37062
https://www.exploit-db.com/exploits/48080
https://www.vulncheck.com/advisories/dhcp-turbo-dhcp-turbo-unquoted-service-path
https://www.weird-solutions.com

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page