Headline

USB Flash Drives Control 4.1.0.0 Unquoted Service Path

USB Flash Drives Control version 4.1.0.0 suffers from an unquoted service path vulnerability.

1 year ago

#vulnerability #windows #microsoft #auth

# Exploit Title: USB Flash Drives Control 4.1.0.0 - Unquoted Service Path# Date: 2023-31-05# Exploit Author: Jeffrey Bencteux# Vendor Homepage: https://binisoft.org/# Software Link: https://binisoft.org/wfc# Version: 4.1.0.0# Tested on: Microsoft Windows 11 Pro# Vulnerability Type: Unquoted Service PathPS C:\> wmic service get name,displayname,pathname,startmode |findstr /i"auto" |findstr /i /v "c:\windows"USB Flash Drives Control       usbcs       C:\Program Files\USB FlashDrives Control\usbcs.exe       AutoPS C:\> sc.exe qc usbcs[SC] QueryServiceConfig SUCCESSSERVICE_NAME: usbcs        TYPE               : 10  WIN32_OWN_PROCESS        START_TYPE         : 2   AUTO_START        ERROR_CONTROL      : 1   NORMAL        BINARY_PATH_NAME   : C:\Program Files\USB Flash DrivesControl\usbcs.exe        LOAD_ORDER_GROUP   :        TAG                : 0        DISPLAY_NAME       : USB Flash Drives Control        DEPENDENCIES       :        SERVICE_START_NAME : LocalSystemPS C:\> systeminfoOS Name:                   Microsoft Windows 11 ProOS Version:                10.0.22621 N/A Build 22621OS Manufacturer:           Microsoft Corporation-- Jeffrey BENCTEUX

Packet Storm: Latest News

Acronis Cyber Protect/Backup Remote Code Execution

1 month ago

Packet Storm

Fortinet FortiManager Unauthenticated Remote Code Execution

1 month ago

Packet Storm

Asterisk AMI Originate Authenticated Remote Code Execution

1 month ago

Packet Storm

Debian Security Advisory 5823-1

1 month ago

Packet Storm

Debian Security Advisory 5815-2

1 month ago

Packet Storm