Genexus Protection Server 9.7.2.10 Unquoted Service Path

Genexus Protection Server 9.7.2.10 Unquoted Service Path
Posted Aug 5, 2024
Authored by SamAlucard

Genexus Protection Server version 9.7.2.10 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | 0d3423b81fac0acbc8f3590a08c003578d0cf593893d18f3bf048590272aa035
Download | Favorite | View
#Exploit Title: Genexus Protection Server 9.7.2.10 - 'protsrvservice' Unquoted Service Path Service Path
#Exploit Author : SamAlucard
#Exploit Date: 2024-07-31
#Vendor : Genexus
#Version : Genexus Protection Server 9.7.2.10
#Software Link: https://www.genexus.com/en/developers/downloadcenter?data=;;
#Vendor Homepage : https://www.genexus.com/es/
#Tested on OS: Windows 10 Pro
#Analyze PoC :
==============
C:\>sc qc protsrvservice
[SC] QueryServiceConfig CORRECTO
NOMBRE_SERVICIO: protsrvservice
TIPO : 10 WIN32_OWN_PROCESS
TIPO_INICIO : 2 AUTO_START
CONTROL_ERROR : 1 NORMAL
NOMBRE_RUTA_BINARIO: C:\Program Files
(x86)\CommonFiles\Artech\GXProt1\ProtSrv.exe
GRUPO_ORDEN_CARGA :
ETIQUETA : 0
NOMBRE_MOSTRAR : ProtSrvService
DEPENDENCIAS : RPCSS
NOMBRE_INICIO_SERVICIO: LocalSystem

نوشته های مشابه

Samhain File Integrity Checker 4.5.1

Red Hat Security Advisory 2024-6421-03

Red Hat Security Advisory 2024-6428-03

Online Survey System 1.0 SQL Injection