WorkgroupMail 7.5.1 - 'WorkgroupMail' Unquoted Service Path

vendor:

WorkgroupMail

by:

Cakes

7.8

CVSS

HIGH

Unquoted Service Path

CWE

Product Name: WorkgroupMail

Affected Version From: 7.5.1

Affected Version To: 7.5.1

Patch Exists: NO

Related CWE: N/A

CPE: a:softalk:workgroupmail:7.5.1

Metasploit: N/A

Other Scripts: N/A

Platforms Tested: Windows 10

2019

WorkgroupMail 7.5.1 – ‘WorkgroupMail’ Unquoted Service Path

WorkgroupMail 7.5.1 is vulnerable to an unquoted service path vulnerability. This vulnerability allows an attacker to gain elevated privileges on the system by exploiting the unquoted service path. The vulnerable service is 'WorkgroupMail' and the vulnerable binary is 'wmsvc.exe'. The vulnerable version is 7.5.1 and the vulnerable platform is Windows 10.

Mitigation:

Ensure that all services have their paths quoted properly and that all services are running with the least privileges necessary.

Source

Exploit-DB raw data:

# Exploit Title : WorkgroupMail 7.5.1 - 'WorkgroupMail' Unquoted Service Path
# Date : 2019-10-15
# Exploit Author : Cakes
# Vendor: Softalk
# Version : 7.5.1
# Software: http://html.tucows.com/preview/195580/WorkgroupMail-Mail-Server?q=pop3
# Tested on Windows 10
# CVE : N/A 


c:\>sc qc WorkgroupMail
[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: WorkgroupMail
        TYPE               : 10  WIN32_OWN_PROCESS
        START_TYPE         : 2   AUTO_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME   : C:\Program Files (x86)\WorkgroupMail\wmsvc.exe -s
        LOAD_ORDER_GROUP   :
        TAG                : 0
        DISPLAY_NAME       : WorkgroupMail
        DEPENDENCIES       :
        SERVICE_START_NAME : LocalSystem