TRIGONE Remote System Monitor 3.61 Unquoted Service Path

2022.01.04

Credit: Yehia Elghaly

Risk: Medium

Local: Yes

Remote: No

CVE: N/A

CWE: N/A

# Exploit Title: TRIGONE Remote System Monitor 3.61 Unquoted Service Path
# Discovery by: Yehia Elghaly
# Date: 30-12-2021
# Vendor Homepage: https://www.trigonesoft.com/
# Software Link: https://www.trigonesoft.com/download/Remote_System_monitor_Server_3.61_x86_Setup.exe
# Tested Version: 3.61
# Vulnerability Type: Unquoted Service Path
# Tested on: Windows 7 x86 - Windows Server 2016 x64
# Step to discover Unquoted Service Path:
C:\>wmic service get name,displayname,pathname,startmode |findstr /i "auto"
|findstr /i /v "c:\windows\\" |findstr /i /v """
TRIGONE Remote System Monitor Server RemoteSystemMonitorService
C:\Program Files\TRIGONE\Remote System Monitor Server\RemoteSystemMonitorService.exe
Auto
C:\>sc qc srvInventoryWebServer
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: RemoteSystemMonitorService
TYPE : 10 WIN32_OWN_PROCESS
START_TYPE : 2 AUTO_START
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : C:\Program Files\TRIGONE\Remote System Monitor Serv
er\RemoteSystemMonitorService.exe
LOAD_ORDER_GROUP :
TAG : 0
DISPLAY_NAME : TRIGONE Remote System Monitor Server
DEPENDENCIES :
SERVICE_START_NAME : LocalSystem

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

TRIGONE Remote System Monitor 3.61 Unquoted Service Path

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.