header-logo
Suggest Exploit
vendor:
AnyDesk
by:
SajjadBnd
7.8
CVSS
HIGH
Unquoted Service Path
428
CWE
Product Name: AnyDesk
Affected Version From: AnyDesk 5.4.0
Affected Version To: AnyDesk 5.4.0
Patch Exists: NO
Related CWE:
CPE: a:anydesk:anydesk:5.4.0
Metasploit:
Other Scripts:
Platforms Tested: Windows 10 x64
2019

AnyDesk 5.4.0 – Unquoted Service Path

The AnyDesk service in version 5.4.0 has an unquoted service path vulnerability, which allows an attacker to escalate privileges by placing a malicious executable in a directory higher in the system's path than the legitimate AnyDesk executable.

Mitigation:

To mitigate this vulnerability, the vendor should update the service configuration to include quotes around the path to the AnyDesk executable. Users can also mitigate this vulnerability by manually updating the service configuration to include quotes around the path.
Source

Exploit-DB raw data:

# Exploit Title: AnyDesk 5.4.0 - Unquoted Service Path
# Exploit Author: SajjadBnd
# Date: 2019-12-23
# Vendor Homepage: http://anydesk.com
# Software Link: https://download.anydesk.com/AnyDesk.exe
# Version: Software Version 5.4.0
# Tested on: Win10 x64

SERVICE_NAME: AnyDesk
         TYPE              : 10  WIN32_OWN_PROCESS
         START_TYPE        : 2   AUTO_START
         ERROR_CONTROL     : 1   NORMAL
         BINARY_PATH_NAME  : "C:\Program Files (x86)\AnyDesk\AnyDesk.exe" --service
         LOAD_ORDER_GROUP  :
         TAG               : 0
         DISPLAY_NAME      : AnyDesk Service
         DEPENDENCIES      : RpcSs
         SERVICE_START_NAME: LocalSystem

Navigation

Suggest Exploit

Services By CQR