Mikogo version 5.2.2.150317 suffers from a Mikogo-Service unquoted service path vulnerability.
de8b28e0f5ac6ad4e7e9250e3f9ca9b1# Exploit Title : Mikogo 5.2.2.150317 - 'Mikogo-Service' Unquoted Serive Path
# Date : 2019-10-15
# Exploit Author : Cakes
# Vendor: LiteManager Team
# Version : LiteManager 4.5.0
# Software: http://html.tucows.com/preview/518015/Mikogo?q=remote+support
# Tested on Windows 10
# CVE : N/A
c:\>sc qc Mikogo-Service
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: Mikogo-Service
TYPE : 110 WIN32_OWN_PROCESS (interactive)
START_TYPE : 2 AUTO_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : C:\Users\Administrator\AppData\Roaming\Mikogo\Mikogo-Service.exe
LOAD_ORDER_GROUP :
TAG : 0
DISPLAY_NAME : Mikogo-Service
DEPENDENCIES :
SERVICE_START_NAME : LocalSystem