header-logo
Suggest Exploit
vendor:
Kiwi Syslog Server
by:
Milad Karimi (Ex3ptionaL)
6.1
CVSS
HIGH
Unquoted Service Path
428
CWE
Product Name: Kiwi Syslog Server
Affected Version From: 9.6.7.1
Affected Version To: 9.6.7.1
Patch Exists: NO
Related CWE: CVE-2024-XXXXX
CPE: a:solarwinds:kiwi_syslog_server:9.6.7.1
Platforms Tested: Windows 10 Pro x64
2024

SolarWinds Kiwi Syslog Server 9.6.7.1 – Unquoted Service Path

SolarWinds Kiwi Syslog Server 9.6.7.1 has an unquoted service path vulnerability, which could allow an attacker to escalate privileges by placing a malicious executable in the system path. This vulnerability has been assigned CVE-ID CVE-2024-XXXXX.

Mitigation:

To mitigate this vulnerability, users should ensure that all service paths are quoted properly to prevent unauthorized files from being executed. Additionally, regular security scans and monitoring can help detect any unusual activities.
Source

Exploit-DB raw data:

# Exploit Title: SolarWinds Kiwi Syslog Server 9.6.7.1 - Unquoted Service Path
# Date: 2024-07-31
# Exploit Author: Milad Karimi (Ex3ptionaL)
# Contact: miladgrayhat@gmail.com
# Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL
# MiRROR-H: https://mirror-h.org/search/hacker/49626/
# Vendor Homepage: https://www.kiwisyslog.com/
# Software Link: https://www.kiwisyslog.com/downloads
# Version: Software Version 9.6.7.1
# Tested on: Windows 10 Pro x64

1. Description:

SolarWinds Kiwi Syslog Server 9.6.7.1 is an affordable software to manage
syslog messages, SNMP traps, and Windows event logs


2. Proof

C:\>sc qc "Kiwi Syslog Server"
[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: Kiwi Syslog Server
        TYPE               : 10  WIN32_OWN_PROCESS
        START_TYPE         : 2   AUTO_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME   : "C:\Program Files
(x86)\Syslogd\Syslogd_Service.exe"
        LOAD_ORDER_GROUP   :
        TAG                : 0
        DISPLAY_NAME       : Kiwi Syslog Server
        DEPENDENCIES       :
        SERVICE_START_NAME : LocalSystem


C:\>systeminfo

OS Name:  Microsoft Windows 10 Pro
OS Version: 10.0.19045 N/A Build 19045
OS Manufacturer: Microsoft Corporation