Macro Expert 4.9 - Unquoted Service Path

vendor:

Macro Expert

by:

Murat DEMIRCI

N/A

CVSS

N/A

Unquoted Service Path

428

CWE

Product Name: Macro Expert

Affected Version From: 4.9

Affected Version To: 4.9

Patch Exists: NO

Related CWE: Unknown

CPE: Unknown

Metasploit:

Other Scripts:

Platforms Tested: Windows 10

2023

Macro Expert 4.9 – Unquoted Service Path

If a malicious payload is inserted into the related path and the service is executed in any way, this can gain new privilege access to the system and perform malicious acts.

Mitigation:

Unknown

Source

Exploit-DB raw data:

# Exploit Title: Macro Expert 4.9 - Unquoted Service Path
# Date: 04/06/2023
# Exploit Author: Murat DEMIRCI
# Vendor Homepage: http://www.macro-expert.com/
# Software Link: http://www.macro-expert.com/product/gm_setup_4.9.exe
# Version: 4.9
# Tested on: Windows 10

# Proof of Concept :

C:\Users\Murat>sc qc "Macro Expert"
[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: Macro Expert
        TYPE               : 10  WIN32_OWN_PROCESS
        START_TYPE         : 2   AUTO_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME   : c:\program files (x86)\grasssoft\macro expert\MacroService.exe
        LOAD_ORDER_GROUP   :
        TAG                : 0
        DISPLAY_NAME       : Macro Expert
        DEPENDENCIES       :
        SERVICE_START_NAME : LocalSystem

# If a malicious payload insert into related path and service is executed in anyway, this can gain new privilege access to the system and perform malicious acts.