Search for hundreds of thousands of exploits

"Wacom WTabletService 6.6.7-3 - 'WTabletServicePro' Unquoted Service Path"

Author

Exploit author

"Marcos Antonio León"

Platform

Exploit platform

windows

Release date

Exploit published date

2019-11-06

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
# Exploit Title: Wacom WTabletService 6.6.7-3 - 'WTabletServicePro' Unquoted Service Path
# Discovery by: Marcos Antonio León (psk)
# Discovery Date: 2019-11-04
# Vendor Homepage: https://www.wacom.com
# Software Link : http://cdn.wacom.com/U/drivers/IBMPC/pro/WacomTablet_637-3.exe
# Tested Version: 6.3.7.3
# Vulnerability Type: Unquoted Service Path
# Tested on OS: Windows 10 Home x64 es

# Step to discover Unquoted Service Path:

C:\>sc qc WTabletServicePro
[SC] QueryServiceConfig CORRECTO

NOMBRE_SERVICIO: WTabletServicePro
        TIPO               : 10  WIN32_OWN_PROCESS
        TIPO_INICIO        : 2   AUTO_START
        CONTROL_ERROR      : 1   NORMAL
        NOMBRE_RUTA_BINARIO: C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
        GRUPO_ORDEN_CARGA  : PlugPlay
        ETIQUETA           : 0
        NOMBRE_MOSTRAR     : Wacom Professional Service
        DEPENDENCIAS       :
        NOMBRE_INICIO_SERVICIO: LocalSystem

#Exploit:

A successful attempt would require the local attacker must insert an
executable file in the path of the service. Upon service restart or
system reboot, the malicious code will be run with elevated
privileges.
Release DateTitleTypePlatformAuthor
2020-07-06"RSA IG&L Aveksa 7.1.1 - Remote Code Execution"webappsmultiple"Jakub Palaczynski"
2020-07-06"Nagios XI 5.6.12 - 'export-rrd.php' Remote Code Execution"webappsphp"Basim Alabdullah"
2020-07-06"File Management System 1.1 - Persistent Cross-Site Scripting"webappsphpKeopssGroup0day_Inc
2020-07-06"RiteCMS 2.2.1 - Authenticated Remote Code Execution"webappsphp"Enes Özeser"
2020-07-06"Fire Web Server 0.1 - Remote Denial of Service (PoC)"doswindows"Saeed reza Zamanian"
2020-07-06"Grafana 7.0.1 - Denial of Service (PoC)"doslinuxmostwanted002
2020-07-02"WhatsApp Remote Code Execution - Paper"webappsandroid"ashu Jaiswal"
2020-07-02"ZenTao Pro 8.8.2 - Command Injection"webappsphp"Daniel Monzón"
2020-07-02"OCS Inventory NG 2.7 - Remote Code Execution"webappsmultipleAskar
2020-07-01"e-learning Php Script 0.1.0 - 'search' SQL Injection"webappsphpKeopssGroup0day_Inc
Release DateTitleTypePlatformAuthor
2020-06-26"KiteService 1.2020.618.0 - Unquoted Service Path"localwindows"Marcos Antonio León"
2019-11-06"Wacom WTabletService 6.6.7-3 - 'WTabletServicePro' Unquoted Service Path"localwindows"Marcos Antonio León"
import requests
response = requests.get('https://www.nmmapper.com/api/exploitdetails/47593/?format=json')

For full documentation follow the link above

Cipherscan. A very simple way to find out which SSL ciphersuites are supported by a target.

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.