CVE-2025-4540

A vulnerability was found in MTSoftware C-Lodop 6.6.1.1 on Windows. It has been rated as critical. This issue affects some unknown processing of the component CLodopPrintService. The manipulation leads to unquoted search path. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 6.6.13 is able to address this issue. It is recommended to upgrade the affected component.

CVSS

No CVSS.

References

Link	Resource
https://0nightsedge0.github.io/2025/05/14/CVE-2025-4540-C-Lodop/	Exploit Third Party Advisory
https://vuldb.com/?ctiid.308285	Permissions Required VDB Entry
https://vuldb.com/?id.308285	Third Party Advisory VDB Entry
https://vuldb.com/?submit.566789	Third Party Advisory VDB Entry
https://vuldb.com/?submit.566789	Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:lodop:c-lodop:6.6.1.1:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

08 Jul 2025, 17:04

Type	Values Removed	Values Added
First Time		Lodop c-lodop Microsoft Lodop Microsoft windows
CPE		cpe:2.3:a:lodop:c-lodop:6.6.1.1:::::::* cpe:2.3:o:microsoft:windows:-:::::::*
CWE		CWE-428
References	~~() https://0nightsedge0.github.io/2025/05/14/CVE-2025-4540-C-Lodop/ -~~	() https://0nightsedge0.github.io/2025/05/14/CVE-2025-4540-C-Lodop/ - Exploit, Third Party Advisory
References	~~() https://vuldb.com/?id.308285 -~~	() https://vuldb.com/?id.308285 - Third Party Advisory, VDB Entry
References	~~() https://vuldb.com/?ctiid.308285 -~~	() https://vuldb.com/?ctiid.308285 - Permissions Required, VDB Entry
References	~~() https://vuldb.com/?submit.566789 -~~	() https://vuldb.com/?submit.566789 - Third Party Advisory, VDB Entry

23 May 2025, 18:15

Type	Values Removed	Values Added
Summary	A vulnerability was found in MTSoftware C-Lodop 6.6.1.1. It has been rated as critical. This issue affects some unknown processing of the component CLodopPrintService. The manipulation leads to unquoted search path. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 6.6.13 is able to address this issue. It is recommended to upgrade the affected component.	A vulnerability was found in MTSoftware C-Lodop 6.6.1.1 on Windows. It has been rated as critical. This issue affects some unknown processing of the component CLodopPrintService. The manipulation leads to unquoted search path. The attack needs to be approached locally. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 6.6.13 is able to address this issue. It is recommended to upgrade the affected component.
References	~~{'url': 'https://mega.nz/folder/A5lQQKpL#AF3WPzST3X1Ot6B6fs3bow', 'name': 'https://mega.nz/folder/A5lQQKpL#AF3WPzST3X1Ot6B6fs3bow', 'tags': [], 'refsource': ''}~~	() https://0nightsedge0.github.io/2025/05/14/CVE-2025-4540-C-Lodop/ -

12 May 2025, 13:15

Type	Values Removed	Values Added
CWE	CWE-426 CWE-428
CVSS	v2 : ~~unknown~~ v3 : ~~7.0~~	v2 : unknown v3 : unknown

11 May 2025, 16:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-05-11 16:15

Updated : 2025-07-08 17:04

NVD link : CVE-2025-4540

Mitre link : CVE-2025-4540

JSON object : View

Products Affected

lodop

c-lodop

microsoft

windows

CWE

CWE-428

Unquoted Search Path or Element

JSON object

Attach tags to CVE-2025-4540

Attach tags to `CVE-2025-4540`