header-logo
Suggest Exploit
vendor:
Remote System Monitor Server
by:
Yehia Elghaly
7.8
CVSS
HIGH
Unquoted Service Path
73
CWE
Product Name: Remote System Monitor Server
Affected Version From: 3.61
Affected Version To: 3.61
Patch Exists: NO
Related CWE:
CPE: a:trigonesoft:remote_system_monitor_server:3.61
Metasploit:
Other Scripts:
Platforms Tested: Windows 7 x86, Windows Server 2016 x64
2021

TRIGONE Remote System Monitor 3.61 – Unquoted Service Path

TRIGONE Remote System Monitor 3.61 is vulnerable to Unquoted Service Path vulnerability. An attacker can exploit this vulnerability to gain elevated privileges on the system. The vulnerability exists due to the service path of the RemoteSystemMonitorService not being properly quoted. By exploiting this vulnerability, an attacker can gain elevated privileges on the system.

Mitigation:

Ensure that all service paths are properly quoted. Also, ensure that all services are running with the least privileges required.
Source

Exploit-DB raw data:

# Exploit Title: TRIGONE Remote System Monitor 3.61 - Unquoted Service Path
# Discovery by: Yehia Elghaly
# Date: 30-12-2021
# Vendor Homepage:  https://www.trigonesoft.com/
# Software Link: https://www.trigonesoft.com/download/Remote_System_monitor_Server_3.61_x86_Setup.exe
# Tested Version: 3.61
# Vulnerability Type: Unquoted Service Path
# Tested on: Windows 7 x86 - Windows Server 2016 x64

# Step to discover Unquoted Service Path:

C:\>wmic service get name,displayname,pathname,startmode |findstr /i "auto"
|findstr /i /v "c:\windows\\" |findstr /i /v """

TRIGONE Remote System Monitor Server RemoteSystemMonitorService          
C:\Program Files\TRIGONE\Remote System Monitor Server\RemoteSystemMonitorService.exe    
Auto

C:\>sc qc srvInventoryWebServer
[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: RemoteSystemMonitorService
        TYPE               : 10  WIN32_OWN_PROCESS
        START_TYPE         : 2   AUTO_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME   : C:\Program Files\TRIGONE\Remote System Monitor Serv
er\RemoteSystemMonitorService.exe
        LOAD_ORDER_GROUP   :
        TAG                : 0
        DISPLAY_NAME       : TRIGONE Remote System Monitor Server
        DEPENDENCIES       :
        SERVICE_START_NAME : LocalSystem

Navigation

Suggest Exploit

Services By CQR