What is CVE-2019-25747?

CVE-2019-25747 is a high-severity vulnerability in Network-inventory-advisor Network Inventory Advisor, classified under Unquoted Search Path or Element. CVSS score: 7.8/10. Published 2026-06-19.

How severe is CVE-2019-25747?

High severity. CVSS v3 base score is 7.8 out of 10.

Vulnerability in Network-inventory-advisor Network Inventory Advisor

CVE-2019-25747

Network Inventory Advisor 5.0.26.0 installs the niaservice service with an unquoted binary path that allows local attackers to escalate privileges by placing malicious executables in intermediate directories. Attackers can exploit the unqu…

CVSS v3 metric

CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Network-inventory-advisor Network Inventory Advisor — versions 5.0.26.0

Weakness classification (CWE)

CWE-428 — Unquoted Search Path or Element

References

disclosure@vulncheck.com (exploit)
disclosure@vulncheck.com (product)
disclosure@vulncheck.com (product)
disclosure@vulncheck.com (third-party-advisory)

Frequently asked questions

What is CVE-2019-25747?: CVE-2019-25747 is a high-severity vulnerability in Network-inventory-advisor Network Inventory Advisor, classified under Unquoted Search Path or Element. CVSS score: 7.8/10. Published 2026-06-19.
How severe is CVE-2019-25747?: High severity. CVSS v3 base score is 7.8 out of 10.