## https://sploitus.com/exploit?id=PACKETSTORM:173990
# Exploit Title: DLL Hijacking in Diebold Nixdorf Vynamic View Console 5.3.1 Banking Software  
# Date: 2023-08-04  
# Exploit Author: Matei Josephs  
# Vendor Homepage: [https://www.dieboldnixdorf.com/](https://www.dieboldnixdorf.com/en-us/banking/portfolio/software/view/)  
# Version: Diebold Nixdorf Vynamic View Console 5.3.1  
# CVE : CVE-2023-36344  
  
Introduction  
=================  
An issue in Diebold Nixdorf Vynamic View Console v.5.3.1 and before allows a local attacker to execute arbitrary code because the application does not restrict the search path for required DLLs and does not verify their signatures. The following DLLs allow DLL hijacking:  
VERSION.DLL  
WINMM.DLL  
WSOCK32.DLL  
MSVCR100.DLL  
WINMMBASE.DLL  
USERENV.DLL  
CRYPTBASE.DLL  
URLMON.DLL  
IEUTIL.DLL  
SRVCLI.DLL  
NETUTILS.DLL  
IPHLPAPI.DLL  
USP10.DLL  
WININET.DLL  
  
Proof of Concept  
=================  
An attacker can create a malicious DLL, rename it to one of the above and place it in the folder where the executable attempts to load the DLL. When the program is executed, the malicious DLL runs in the context of the benign program.  
  
Kind regards, Matei
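
For detection, the condition described above (a listed DLL name loaded from outside the Windows system directories without a valid signature) can be checked against Sysmon image-load events (Event ID 7). The following is an added example, not part of the original advisory or the vendor's code; the `C:\ExampleApp` paths and the sample events are constructed, and the events are assumed to be already parsed into dictionaries keyed by Sysmon field names.

```python
import ntpath

# DLL names listed in the advisory above.
HIJACKABLE = {
    "version.dll", "winmm.dll", "wsock32.dll", "msvcr100.dll",
    "winmmbase.dll", "userenv.dll", "cryptbase.dll", "urlmon.dll",
    "ieutil.dll", "srvcli.dll", "netutils.dll", "iphlpapi.dll",
    "usp10.dll", "wininet.dll",
}
# Assumption: default %SystemRoot% of C:\Windows.
TRUSTED_DIRS = (r"c:\windows\system32", r"c:\windows\syswow64", r"c:\windows\winsxs")


def suspicious_load(event):
    """Return a finding string for one Sysmon Event ID 7 record, or None."""
    loaded = ntpath.normpath(event["ImageLoaded"]).lower()  # collapses ..\ segments
    directory, name = ntpath.split(loaded)
    if name not in HIJACKABLE:
        return None
    if any(directory == d or directory.startswith(d + "\\") for d in TRUSTED_DIRS):
        return None  # the operating system's own copy
    # A validly signed app-local copy (e.g. a bundled runtime) is not flagged here.
    if event.get("Signed") == "true" and event.get("SignatureStatus") == "Valid":
        return None
    app_dir = ntpath.dirname(ntpath.normpath(event["Image"])).lower()
    where = "application directory" if directory == app_dir else "non-system directory"
    return f"{name} loaded from {where} without a valid signature: {event['ImageLoaded']}"


def scan(events):
    return [f for f in map(suspicious_load, events) if f]


# Constructed sample records; the process path is a placeholder, not the product's real path.
APP_IMAGE = r"C:\ExampleApp\console.exe"
SAMPLE_EVENTS = [
    dict(Image=APP_IMAGE, ImageLoaded=r"C:\Windows\System32\version.dll", Signed="true", SignatureStatus="Valid"),
    dict(Image=APP_IMAGE, ImageLoaded=r"C:\ExampleApp\VERSION.dll", Signed="false", SignatureStatus="Unavailable"),
    dict(Image=APP_IMAGE, ImageLoaded=r"C:\ExampleApp\msvcr100.dll", Signed="true", SignatureStatus="Valid"),
    dict(Image=APP_IMAGE, ImageLoaded=r"C:\Windows\System32\..\..\Temp\wininet.dll", Signed="false", SignatureStatus="Unavailable"),
    dict(Image=APP_IMAGE, ImageLoaded=r"C:\ExampleApp\helper.dll", Signed="false", SignatureStatus="Unavailable"),
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_EVENTS):
        print(finding)
```

The check depends on Sysmon being configured to log image loads, and the trusted directory list should be adjusted for hosts with a non-default system root.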