Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-import-export-lite domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6121

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the insert-headers-and-footers domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6121

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-pagenavi domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6121
Amiti Antivirus 25.0.640 - Unquoted Service Path - exploit.company
header-logo
Suggest Exploit
vendor:
Amiti Antivirus
by:
ZwX
7.5
CVSS
HIGH
Unquoted Service Path
428
CWE
Product Name: Amiti Antivirus
Affected Version From: 25.0.640
Affected Version To: 25.0.640
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested: Windows 7
2019

Amiti Antivirus 25.0.640 – Unquoted Service Path

The Amiti Antivirus software version 25.0.640 is vulnerable to an unquoted service path vulnerability. This vulnerability allows an attacker to escalate privileges by exploiting the way the service binary path is set. By placing a malicious executable in a specific location, an attacker can execute arbitrary code with elevated privileges.

Mitigation:

To mitigate this vulnerability, it is recommended to update to the latest version of Amiti Antivirus or apply the vendor-supplied patch. Additionally, users can manually set the correct service binary path to prevent the exploitation of this vulnerability.
Source

Exploit-DB raw data:

#Exploit Title: Amiti Antivirus 25.0.640 - Unquoted Service Path
#Exploit Author : ZwX
#Exploit Date: 2019-12-04
#Vendor Homepage : http://www.netgate.sk/
#Link Software : https://www.netgate.sk/download/download.php?id=11
#Tested on OS: Windows 7


#Analyze PoC :
==============


C:\Users\ZwX>sc qc ScsiAccess
[SC] QueryServiceConfig réussite(s)

SERVICE_NAME: AmitiAvHealth
        TYPE               : 10  WIN32_OWN_PROCESS
        START_TYPE         : 2   AUTO_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME   : C:\Program Files\NETGATE\Amiti Antivirus\AmitiAntivirusHealth.exe
        LOAD_ORDER_GROUP   :
        TAG                : 0
        DISPLAY_NAME       : Amiti Antivirus Health Check
        DEPENDENCIES       :
        SERVICE_START_NAME : LocalSystem

C:\Users\ZwX>sc qc AmitiAvSrv
[SC] QueryServiceConfig réussite(s)

SERVICE_NAME: AmitiAvSrv
        TYPE               : 10  WIN32_OWN_PROCESS
        START_TYPE         : 2   AUTO_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME   : C:\Program Files\NETGATE\Amiti Antivirus\AmitiAntivirusSrv.exe
        LOAD_ORDER_GROUP   :
        TAG                : 0
        DISPLAY_NAME       : Amiti Antivirus Engine Service
        DEPENDENCIES       :
        SERVICE_START_NAME : LocalSystem

Navigation

Suggest Exploit

Services By CQR

cqrsecured