HTTPDebuggerPro 9.11 Unquoted Service Path

HTTPDebuggerPro version 9.11 suffers from an unquoted service path vulnerability.


MD5 | 15b26d961cda9e9ff6659150b6459669

# Exploit Title: HTTPDebuggerPro 9.11 - Unquoted Service Path
# Exploit Author: Aryan Chehreghani
# Date: 23/11/2021
# Vendor Homepage: https://www.httpdebugger.com
# Software Link: https://www.httpdebugger.com/download.html
# Version: 9.11
# Tested on: Windows 10 x64

SERVICE_NAME: HTTPDebuggerPro
TYPE : 10 WIN32_OWN_PROCESS
START_TYPE : 2 AUTO_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : "C:\Program Files (x86)\HTTPDebuggerPro\HTTPDebuggerSvc.exe"
LOAD_ORDER_GROUP :
TAG : 0
DISPLAY_NAME : HTTP Debugger Pro
DEPENDENCIES :
SERVICE_START_NAME : LocalSystem


Related Posts