Macro expert 4.9 unquoted service path Vulnerability / Exploit

  /     /     /  

Exploits / Vulnerability Discovered : 2023-06-06 | Type : local | Platform : windows
This exploit / vulnerability Macro expert 4.9 unquoted service path is for educational purposes only and if it is used you will do on your own risk!

[+] Code ...

# Exploit Title: Macro Expert 4.9 - Unquoted Service Path
# Date: 04/06/2023
# Exploit Author: Murat DEMIRCI
# Vendor Homepage: http://www.macro-expert.com/
# Software Link: http://www.macro-expert.com/product/gm_setup_4.9.exe
# Version: 4.9
# Tested on: Windows 10

# Proof of Concept :

C:\Users\Murat>sc qc "Macro Expert"
[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: Macro Expert
TYPE : 10 WIN32_OWN_PROCESS
START_TYPE : 2 AUTO_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : c:\program files (x86)\grasssoft\macro expert\MacroService.exe
LOAD_ORDER_GROUP :
TAG : 0
DISPLAY_NAME : Macro Expert
DEPENDENCIES :
SERVICE_START_NAME : LocalSystem

# If a malicious payload insert into related path and service is executed in anyway, this can gain new privilege access to the system and perform malicious acts.

Macro expert 4.9 unquoted service path


Last added Exploits Vulnerabilities

▸ soplanning 1.52.01 (simple online planning tool) - remote code execution (rce) (authenticated) ◂
Discovered: 2024-11-15
Type: webapps
Platform: php
▸ rengine 2.2.0 - command injection (authenticated) ◂
Discovered: 2024-10-01
Type: webapps
Platform: multiple
▸ opensis 9.1 - sqli (authenticated) ◂
Discovered: 2024-10-01
Type: webapps
Platform: php



Tags:
Macro expert 4.9 unquoted service path Vulnerability / Exploit