File Sanitizer for HP ProtectTools version 5.0.1.3 suffers from an unquoted service path vulnerability.
75b26f7c0d16235054a3bca106f8e5ac092ce5691cfad937f93f63af339eb225#Exploit Title: File Sanitizer for HP ProtectTools 5.0.1.3 - 'HPFSService' Unquoted Service Path
#Exploit Author : SamAlucard
#Exploit Date: 2022-02-14
#Vendor : Hewlett-Packard(HP)
#Version : File Sanitizer for HP ProtectTools 5.0.1.3
#Vendor Homepage : https://www.hp.com
#Tested on OS: Windows 7 Pro
#Analyze PoC :
==============
C:\>sc qc HPFSService
[SC] QueryServiceConfig CORRECTO
NOMBRE_SERVICIO: HPFSService
TIPO : 10 WIN32_OWN_PROCESS
TIPO_INICIO : 2 AUTO_START
CONTROL_ERROR : 1 NORMAL
NOMBRE_RUTA_BINARIO: C:\Program Files (x86)\Hewlett-Packard\File
Sanitizer\HPFSService.exe
GRUPO_ORDEN_CARGA : File System
ETIQUETA : 0
NOMBRE_MOSTRAR : File Sanitizer for HP ProtectTools
DEPENDENCIAS :
NOMBRE_INICIO_SERVICIO: LocalSystem
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed