THREATOPS
THREAT OPSThreat News › Shift Happens – Uncovering Two Built-in Command Injections in Windows Context Menus

Shift Happens – Uncovering Two Built-in Command Injections in Windows Context Menus

infospecteropsPublished 2026-05-07

<p class="wp-block-paragraph"><em><strong>TL;DR: </strong>Two command injection vulnerabilities exist in the Windows Explorer “Open PowerShell window here” context menu due to improper quoting and command injection through user-controlled folder paths. By creating folders with crafted names (e.g., <code>folder; calc</code>), an attacker can trigger arbitrary PowerShell command execution when a use

MITRE ATT&CK techniques

Original source: https://specterops.io/blog/2026/05/07/shift-happens-uncovering-two-built-in-command-injections-in-windows-context-menus/