Description
A Dynamic-link Library Injection vulnerability in GatewayGeo MapServer for Windows version 5 allows attackers to escalate privileges via a crafted executable.
Published: 2026-04-09
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Privilege Escalation
Action: Assess Impact
AI Analysis

Impact

GatewayGeo MapServer for Windows 5 contains a Dynamic-link Library Injection flaw that enables an attacker to run a specially crafted executable, resulting in the execution of injected code with elevated privileges. The weakness is a classic case of improper handling of DLL loading, classed under CWE‑427. The impact is the potential compromise of all system resources and data on the host, allowing the attacker to modify, exfiltrate, or delete information, and to gain full control of the affected machine.

Affected Systems

The vulnerability affects GatewayGeo MapServer for Windows version 5. No vendor information is listed, and no other affected versions are specified.

Risk and Exploitability

The CVSS score of 8.8 indicates a high severity risk, while the EPSS score is not available and the flaw is not listed in the CISA KEV catalog. The exploit requires an attacker to deliver a crafted executable to the target system; it is inferred that the attack vector is local privilege escalation, though a remote delivery path could exist if an attacker can compromise user execution. The lack of a publicly available patch increases the urgency for mitigation.

Generated by OpenCVE AI on April 9, 2026 at 22:45 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Verify if a patch or update is available from the vendor and apply it immediately
  • Restrict execution of the GatewayGeo MapServer binaries to trusted users only
  • Disable or monitor the ability to execute external DLLs in the MapServer directory
  • Use application whitelisting to block unauthorized executables
  • Monitor system logs for unexpected DLL loading or privilege escalation activities

Generated by OpenCVE AI on April 9, 2026 at 22:45 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 10 Apr 2026 10:00:00 +0000

Type Values Removed Values Added
Title Dynamic-link Library Injection in GatewayGeo MapServer for Windows 5 Allows Privilege Escalation

Fri, 10 Apr 2026 09:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 10 Apr 2026 09:00:00 +0000

Type Values Removed Values Added
First Time appeared Gatewaygeo
Gatewaygeo mapserver
Vendors & Products Gatewaygeo
Gatewaygeo mapserver

Thu, 09 Apr 2026 21:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-427
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H'}

Thu, 09 Apr 2026 17:30:00 +0000

Type Values Removed Values Added
Description A Dynamic-link Library Injection vulnerability in GatewayGeo MapServer for Windows version 5 allows attackers to escalate privileges via a crafted executable.
References

Subscriptions

Gatewaygeo Mapserver
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-04-09T20:17:33.346Z

Reserved: 2026-03-04T00:00:00.000Z

Link: CVE-2026-30478

cve-icon Vulnrichment

Updated: 2026-04-09T18:34:51.239Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-04-09T18:16:58.847

Modified: 2026-04-13T15:02:27.760

Link: CVE-2026-30478

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-10T09:33:08Z

Weaknesses