Exploit for HealthMonitor 3.1 Unquoted Service Path

Name: Exploit for HealthMonitor 3.1 Unquoted Service Path
Rating: 5 (573 reviews)

2020-10-31 | CVSS -0.0

## https://sploitus.com/exploit?id=PACKETSTORM:159782
# Exploit Title: HealthMonitor 3.1 - Unquoted Service Path  
# Discovery by: yunaranyancat  
# Discovery Date: October 2020  
# Vendor Homepage: https://sourceforge.net/projects/healthmonitor/  
# Software Link : https://sourceforge.net/projects/healthmonitor/files/HealthMonitor%20Application/3.1%20Stable/HealthMonitor_3.1Stable.zip/download  
# Tested Version: 3.1  
# Vulnerability Type: Unquoted Service Path  
# Tested on OS: Windows 10   
  
# Vulnerability discovery:  
  
Registry value : HKLM\SYSTEM\ControlSet001\Services\HealthMonitor  
  
# Service info:  
  
C:\>sc qc HealthMonitor  
[SC] QueryServiceConfig SUCCESS  
  
SERVICE_NAME: HealthMonitor  
TYPE : 10 WIN32_OWN_PROCESS  
START_TYPE : 2 AUTO_START  
ERROR_CONTROL : 1 Normal  
BINARY_PATH_NAME : C:\Program Files (x86)\HealthMonitor\HealthMonitor.exe  
LOAD_ORDER_GROUP :  
TAG : 0  
DISPLAY_NAME : HealthMonitor  
DEPENDENCIES : winmgmt  
: SysmonLog  
SERVICE_START_NAME : LocalSystem  
  
# Exploit:  
This vulnerability could permit executing code during startup or reboot with the escalated privileges.