{"id":58642,"date":"2024-08-05T20:39:49","date_gmt":"2024-08-05T17:39:49","guid":{"rendered":"https:\/\/packetstormsecurity.com\/files\/179905\/genexusps97210-unquotedpath.txt"},"modified":"2024-08-05T20:39:49","modified_gmt":"2024-08-05T17:39:49","slug":"genexus-protection-server-9-7-2-10-unquoted-service-path","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/genexus-protection-server-9-7-2-10-unquoted-service-path\/","title":{"rendered":"Genexus Protection Server 9.7.2.10 Unquoted Service Path"},"content":{"rendered":"<dl id=\"F179905\" class=\"file first\" readability=\"-1.3311897106109\">\n<dt><a class=\"ico text-plain\" href=\"https:\/\/packetstormsecurity.com\/files\/download\/179905\/genexusps97210-unquotedpath.txt\" title=\"Size: 0.9 KB\" target=\"_blank\" rel=\"noopener\"><strong>Genexus Protection Server 9.7.2.10 Unquoted Service Path<\/strong><\/a><\/dt>\n<dd class=\"datetime\">Posted <a href=\"https:\/\/packetstormsecurity.com\/files\/date\/2024-08-05\/\" title=\"17:09:14 UTC\" target=\"_blank\" rel=\"noopener\">Aug 5, 2024<\/a><\/dd>\n<dd class=\"refer\">Authored by <a href=\"https:\/\/packetstormsecurity.com\/files\/author\/15225\/\" class=\"person\" target=\"_blank\" rel=\"noopener\">SamAlucard<\/a><\/dd>\n<dd class=\"detail\" readability=\"-1\">\n<p>Genexus Protection Server version 9.7.2.10 suffers from an unquoted service path vulnerability.<\/p>\n<\/dd>\n<dd class=\"tags\"><span>tags<\/span> | <a href=\"https:\/\/packetstormsecurity.com\/files\/tags\/exploit\" target=\"_blank\" rel=\"noopener\">exploit<\/a><\/dd>\n<dd class=\"md5\"><span>SHA-256<\/span> | <code>0d3423b81fac0acbc8f3590a08c003578d0cf593893d18f3bf048590272aa035<\/code><\/dd>\n<dd class=\"act-links\"><a href=\"https:\/\/packetstormsecurity.com\/files\/download\/179905\/genexusps97210-unquotedpath.txt\" title=\"Size: 0.9 KB\" rel=\"nofollow noopener\" target=\"_blank\">Download<\/a> | <a href=\"https:\/\/packetstormsecurity.com\/files\/favorite\/179905\/\" class=\"fav\" rel=\"nofollow noopener\" target=\"_blank\">Favorite<\/a> | <a href=\"https:\/\/packetstormsecurity.com\/files\/179905\/Genexus-Protection-Server-9.7.2.10-Unquoted-Service-Path.html\" target=\"_blank\" rel=\"noopener\">View<\/a><\/dd>\n<\/dl>\n<div class=\"src\" readability=\"9.7348484848485\">\n<pre readability=\"7.5\"><code readability=\"9\">#Exploit Title: Genexus Protection Server 9.7.2.10 - 'protsrvservice' Unquoted Service Path Service Path<br>#Exploit Author : SamAlucard<br>#Exploit Date: 2024-07-31<br>#Vendor : Genexus<br>#Version : Genexus Protection Server 9.7.2.10<br>#Software Link: https:\/\/www.genexus.com\/en\/developers\/downloadcenter?data=;;<br>#Vendor Homepage : https:\/\/www.genexus.com\/es\/<br>#Tested on OS: Windows 10 Pro<p>#Analyze PoC :<br>==============<\/p><p>C:\\&gt;sc qc protsrvservice<br>[SC] QueryServiceConfig CORRECTO<\/p><p>NOMBRE_SERVICIO: protsrvservice<br>TIPO : 10 WIN32_OWN_PROCESS<br>TIPO_INICIO : 2 AUTO_START<br>CONTROL_ERROR : 1 NORMAL<br>NOMBRE_RUTA_BINARIO: C:\\Program Files<br>(x86)\\CommonFiles\\Artech\\GXProt1\\ProtSrv.exe<br>GRUPO_ORDEN_CARGA :<br>ETIQUETA : 0<br>NOMBRE_MOSTRAR : ProtSrvService<br>DEPENDENCIAS : RPCSS<br>NOMBRE_INICIO_SERVICIO: LocalSystem<\/p><\/code><\/pre>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Genexus Protection Server 9.7.2.10 Unquoted Service Path Posted Aug 5, 2024 Authored by SamAlucard Genexus Protection Server version 9.7.2.10 suffers from an unquoted service path vulnerability. tags | exploit SHA-256 | 0d3423b81fac0acbc8f3590a08c003578d0cf593893d18f3bf048590272aa035 Download | Favorite | View #Exploit Title: Genexus Protection Server 9.7.2.10 &#8211; &#8216;protsrvservice&#8217; Unquoted Service Path Service Path#Exploit Author : SamAlucard#Exploit Date: 2024-07-31#Vendor &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-58642","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/58642","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=58642"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/58642\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=58642"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=58642"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=58642"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}