Zilab remote console server 3.2.9 zrcs unquoted service path Vulnerability / Exploit

  /     /     /  

Exploits / Vulnerability Discovered : 2019-10-16 | Type : local | Platform : windows
This exploit / vulnerability Zilab remote console server 3.2.9 zrcs unquoted service path is for educational purposes only and if it is used you will do on your own risk!

[+] Code ...

# Exploit Title : Zilab Remote Console Server 3.2.9 - 'zrcs' Unquoted Service Path
# Date : 2019-10-15
# Exploit Author : Cakes
# Vendor: Zilab Software Inc
# Version : Zilab Remote Console Server 3.2.9
# Software: http://html.tucows.com/preview/340137/Zilab-Remote-Console-Server?q=remote+support
# Tested on Windows 10
# CVE : N/A


C:\Users\Administrator>sc qc zrcs
[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: zrcs
TYPE : 10 WIN32_OWN_PROCESS
START_TYPE : 2 AUTO_START
ERROR_CONTROL : 0 IGNORE
BINARY_PATH_NAME : C:\Program Files (x86)\Zilab\ZRCS\ZRCS.exe
LOAD_ORDER_GROUP :
TAG : 0
DISPLAY_NAME : Zilab Remote Console Server
DEPENDENCIES :
SERVICE_START_NAME : LocalSystem

Zilab remote console server 3.2.9 zrcs unquoted service path


Last added Exploits Vulnerabilities

▸ soplanning 1.52.01 (simple online planning tool) - remote code execution (rce) (authenticated) ◂
Discovered: 2024-11-15
Type: webapps
Platform: php
▸ rengine 2.2.0 - command injection (authenticated) ◂
Discovered: 2024-10-01
Type: webapps
Platform: multiple
▸ opensis 9.1 - sqli (authenticated) ◂
Discovered: 2024-10-01
Type: webapps
Platform: php



Tags:
Zilab remote console server 3.2.9 zrcs unquoted service path Vulnerability / Exploit