Insecure DLL Search Path in IP Setting Software by I-Pro
CVE-2026-34488

7HIGH

Key Information:

Vendor: I-pro Co., Ltd.
Status: Ip Setting Software
Vendor: CVE Published:; 23 April 2026

🔔 Create I-pro Co., Ltd. Vulnerability Alert

What is CVE-2026-34488?

The IP Setting Software developed by I-Pro has a vulnerability related to its Dynamic Link Library (DLL) search path. This flaw allows for insecure loading of DLLs, which could potentially lead to the execution of arbitrary code with administrative privileges. This type of vulnerability can compromise system integrity, enabling attackers to exploit the flaw for unauthorized actions within the software environment.

Affected Version(s)

IP Setting Software prior to V5.20

References

https://i-pro.com/products_and_solutions/en/surveillance/...

https://jvn.jp/en/jp/JVN42090270/

CVSS V4

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

CVSS V3.0

Score:

7.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 23, 2026
Vulnerability Reserved
Apr 10, 2026

CVE-2026-34488 Data

JSON