August 1, 2021

Laptop Search

News Site

Eclipse Mosquitto MQTT broker 2.0.9 – ‘mosquitto’ Unquoted Service Path

Sonlogger 4.2.3.3 - SuperAdmin Account Creation / Information Disclosure


# Exploit Title: Eclipse Mosquitto MQTT broker 2.0.9 - 'mosquitto' Unquoted Service Path
# Discovery by: Riadh Bouchahoua 
# Discovery Date: 19-03-2021
# Vendor Homepage: https://mosquitto.org/
# Software Links : https://mosquitto.org/download/
# Tested Version: 2.0.9
# Vulnerability Type: Unquoted Service Path
# Tested on OS: Windows 10 64 bits

# Step to discover Unquoted Service Path:



====

C:UsersAdmin>wmic service get name,pathname,startmode |findstr /i /v "C:Windows\" |findstr  "mosquitto"
mosquitto                                               C:Program Filesmosquittomosquitto.exe run                      

====

C:UsersAdmin>sc qc mosquitto
[SC] QueryServiceConfig réussite(s)

SERVICE_NAME: mosquitto
        TYPE               : 10  WIN32_OWN_PROCESS
        START_TYPE         : 2   AUTO_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME   : C:Program Filesmosquittomosquitto.exe run
        LOAD_ORDER_GROUP   :
        TAG                : 0
        DISPLAY_NAME       : Mosquitto Broker
        DEPENDENCIES       :
        SERVICE_START_NAME : LocalSystem
            



Source link