Vulnerabilities ›

CVE-2025-41359

High

CWE-428 — Weakness Type

                    Published: Mar 26, 2026                      ·  Modified: Apr 2, 2026                      ·  Source: NVD                

CVSS v3

7.8

🔗 NVD Official

📄 Description (English)

Vulnerability related to an unquoted service path in Small HTTP Server 3.06.36, specifically affecting the executable located at 'C:\Program Files (x86)\shttps_mg\http.exe service'. This misconfiguration allows a local attacker to place a malicious executable with the same name in a higher priority directory, causing the service to execute the malicious file instead of the legitimate one. Exploiting this flaw could allow arbitrary code execution, unauthorized access to the system, or service disruption. To mitigate the risk, the service path must be properly quoted, and systems must be kept up to date with security patches, while restricting physical and network access.

🤖 AI Executive Summary

CVE-2025-41359 is a privilege escalation vulnerability in Small HTTP Server 3.06.36 caused by an unquoted service path that allows local attackers to execute arbitrary code. An attacker can place a malicious executable in a higher priority directory to hijack the service execution.

📄 Description (Arabic)

تؤثر هذه الثغرة على Small HTTP Server 3.06.36 من خلال مسار خدمة غير مقتبس يسمح لمهاجم محلي بتنفيذ كود عشوائي. يمكن للمهاجم وضع ملف تنفيذي ضار في مجلد بأولوية بحث أعلى ليتم تنفيذه بدلاً من الملف الشرعي.

🤖 ملخص تنفيذي (AI)

This vulnerability affects Small HTTP Server 3.06.36 through an unquoted service path vulnerability that enables local privilege escalation and arbitrary code execution. Attackers can exploit this by placing malicious executables in directories with higher search priority.

🤖 AI Intelligence Analysis Analyzed: May 2, 2026 12:33

🇸🇦 Saudi Arabia Impact Assessment

Saudi Relevance: high

🏢 Affected Saudi Sectors

government telecom banking energy

🎯 MITRE ATT&CK Techniques

T1547.001 T1574.008 T1548.004

⚖️ Saudi Risk Score (AI)

8.0

/ 10.0

🔧 Remediation Steps (English)

Update Small HTTP Server to the latest patched version immediately. Quote the service executable path in the Windows registry at HKLM\System\CurrentControlSet\Services\[ServiceName] by enclosing the full path in quotation marks. Implement principle of least privilege for service accounts. Restrict local system access and monitor service execution logs for suspicious activity.

🔧 خطوات المعالجة (العربية)

قم بتحديث Small HTTP Server إلى أحدث إصدار مصحح فوراً. أضف علامات اقتباس حول مسار الخدمة في سجل Windows في HKLM\System\CurrentControlSet\Services\[ServiceName]. طبق مبدأ أقل امتياز للحسابات الخدمية. قيد الوصول المحلي للنظام ومراقبة سجلات تنفيذ الخدمة.

📋 Regulatory Compliance Mapping

🟢 NCA ECC 2024

AC-2 AC-3 SI-7

🔵 SAMA CSF

ID.AM-2 PR.AC-1 PR.PT-3

🟡 ISO 27001:2022

A.9.2.1 A.9.4.3 A.12.2.1

🔗 References & Sources 1

🔗

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-small-http-...

cve-coordination@incibe.es

Third Party Advisory

📦 Affected Products / CPE 1 entries

smallsrv:small_http_server

📊 CVSS Score

7.8

/ 10.0 — High

📊 CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack VectorL — Low / Local

Attack ComplexityL — Low / Local

Privileges RequiredL — Low / Local

User InteractionN — None / Network

ScopeU — Unchanged

ConfidentialityH — High

IntegrityH — High

AvailabilityH — High

📋 Quick Facts

Severity High

CVSS Score7.8

CWECWE-428

Exploit No

Patch ✗ No

Published 2026-03-26

Source Feed nvd

🇸🇦 Saudi Risk Score

8.0

/ 10.0 — Saudi Risk

Priority: HIGH

🏷️ Tags

CWE-428

⚡ Actions

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

💬 Comments

Loading comments

CVE-2025-41359

💬 Comments

Introduce Yourself

Sign In Required