vendor:
by:
HIGH
delete
CVSS
or modify any and all files/folders."
Privilege Escalation
bzyo
CWE
Product Name:
Affected Version From: Don't use default install path
Affected Version To: NO
Patch Exists: 269
Related CWE: 2018
CPE: 3.7
Metasploit:
Windows 7 x86 and x64
Other Scripts:
https://www.exploit-db.com/raw/44342
Platforms Tested: LabF
N/A
LabF nfsAxe 3.7 – Privilege Escalation
By default, LabF nfsAxe 3.7 installs to "C:UsersPublicProgram FilesLabF.comnfsAxe" and installs a service called "XwpXSetSrvnfsAxe service". By default in Windows with Public Folder sharing enabled, the permissions on any file/folder under "C:UsersPublic" is Full Control for Everyone. This means unprivileged users have the ability to add
