Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Sherpa Connector Service 2020.2.20328.2050 Unquoted Service Path

🗓️ 04 Apr 2022 00:00:00Reported by Harshit, Manthan ChhabraType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 302 Views

Sherpa Connector Service v2020.2.20328.2050 Unquoted Service Pat

Related
Code
ReporterTitlePublishedViews
Family
0day.today		Sherpa Connector Service 2020.2.20328.2050 Unquoted Service Path Vulnerability
6 Apr 202200:00
zdt
ATTACKERKB		CVE-2022-23909
5 Apr 202206:15
attackerkb
Circl		CVE-2022-23909
5 Apr 202212:28
circl
CNNVD		Gimmal Sherpa Connector Service 代码问题漏洞
5 Apr 202200:00
cnnvd
CVE		CVE-2022-23909
5 Apr 202205:49
cve
Cvelist		CVE-2022-23909
5 Apr 202205:49
cvelist
Exploit DB		Sherpa Connector Service v2020.2.20328.2050 - Unquoted Service Path
7 Apr 202200:00
exploitdb
EUVD		EUVD-2022-28831
3 Oct 202520:07
euvd
NVD		CVE-2022-23909
5 Apr 202206:15
nvd
OSV		CVE-2022-23909
5 Apr 202206:15
osv
Rows per page
`# Exploit Title: Sherpa Connector Service (v2020.2.20328.2050) - Unquoted Service Path  
# Exploit Author: Manthan Chhabra (netsectuna), Harshit (fumenoid)  
# Version: 2020.2.20328.2050  
# Date: 02/04/2022  
# Vendor Homepage: http://gimmal.com/  
# Vulnerability Type: Unquoted Service Path  
# Tested on: Windows 10  
# CVE: CVE-2022-23909  
  
  
# Step to discover Unquoted Service Path:  
  
  
C:\>wmic service get name,displayname,pathname,startmode | findstr /i "sherpa" | findstr /i "auto" |findstr /i /v "c:\windows\\" |findstr /i /v """  
  
Sherpa Connector Service Sherpa Connector Service C:\Program Files\Sherpa Software\Sherpa Connector\SherpaConnectorService.exe Auto  
  
  
C:\>sc qc "Sherpa Connector Service"  
  
[SC] QueryServiceConfig SUCCESS  
  
SERVICE_NAME: Sherpa Connector Service  
TYPE : 10 WIN32_OWN_PROCESS  
START_TYPE : 2 AUTO_START  
ERROR_CONTROL : 1 NORMAL  
BINARY_PATH_NAME : C:\Program Files\Sherpa Software\Sherpa Connector\SherpaConnectorService.exe  
LOAD_ORDER_GROUP :  
TAG : 0  
DISPLAY_NAME : Sherpa Connector Service  
DEPENDENCIES : wmiApSrv  
SERVICE_START_NAME : LocalSystem  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
04 Apr 2022 00:00Current
0.3Low risk
Vulners AI Score0.3
EPSS0.00216
exploitvulnerabilitywindows 10cve-2022-23909sherpa connector serviceunquoted service pathgimmalservice path discovery
302