Magic Mouse 2 Utilities 2.20 Unquoted Service Path

Magic Mouse 2 Utilities version 2.20 suffers from an unquoted service path vulnerability.


MD5 | c3bf30bd3d1309b889140313b1d1d6ec

Download
#Exploit Title: Magic Mouse 2 utilities  2.20 - 'magicmouse2service' Unquoted Service Path
#Exploit Author : SamAlucard
#Exploit Date: 2020-11-07
#Vendor : Magic Utilities Pty
#Version : 64-bit 2.20
#Vendor Homepage : https://magicutilities.net/magic-mouse/home
#Tested on OS: Windows 10 Home


#Analyze PoC :
==============

C:\>sc qc "magicmouse2service"
[SC] QueryServiceConfig CORRECTO

NOMBRE_SERVICIO: magicmouse2service
        TIPO               : 10  WIN32_OWN_PROCESS
        TIPO_INICIO        : 2   AUTO_START
        CONTROL_ERROR      : 1   NORMAL
        NOMBRE_RUTA_BINARIO: C:\Program Files (x86)\Magic Mouse 2 -
Utilities\MagicMouse2Service.exe
        GRUPO_ORDEN_CARGA  :
        ETIQUETA           : 0
        NOMBRE_MOSTRAR     : Magic Mouse 2 Service
        DEPENDENCIAS       :
        NOMBRE_INICIO_SERVICIO: LocalSystem

Source: packetstormsecurity.com
Related Posts