Weird Solutions DHCP Broadband Unquoted Service Path Vulnerability Allowing Elevated Privileges
Vulnerability
A vulnerability exists in Weird Solutions DHCP Broadband version 4.1.0.1503: the application registers its service with an unquoted service path, which allows local attackers to execute code with elevated privileges. The service path 'C:\Program Files\DHCP Broadband 4\dhcpt.exe' contains spaces and is not enclosed in quotation marks, enabling the injection of malicious code that is executed during service startup with LocalSystem permissions.
Impact
Exploitation of this vulnerability could lead to unauthorized code execution with elevated privileges, allowing local attackers to execute malicious payloads during the service startup.
Reproduction
The vulnerability can be reproduced by injecting malicious code through the unquoted service path of 'dhcpt.exe'. The injected code then executes with LocalSystem privileges when the service is started or the system is rebooted.
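To check hosts for this condition, the following added example (not part of the original advisory or the vendor's code) audits service ImagePath values for unquoted paths containing spaces and reports the quoted form to set instead. Only the dhcpt.exe path comes from the advisory; the service names and other sample rows are constructed.

```python
import re

# Constructed sample of service name -> ImagePath, as found under
# HKLM\SYSTEM\CurrentControlSet\Services\<name>\ImagePath.
# Only the dhcpt.exe path is from the advisory; names and other rows are made up.
SAMPLE_SERVICES = {
    "AdvisoryPath": r"C:\Program Files\DHCP Broadband 4\dhcpt.exe",
    "QuotedSvc": r'"C:\Program Files\Example App\svc.exe" -run',
    "NoSpaceSvc": r"C:\Windows\System32\svchost.exe -k netsvcs",
    "UnquotedArgs": r"C:\Program Files\Example App\agent.exe /service",
}

EXE_END = re.compile(r"\.exe(?=\s|$)", re.IGNORECASE)

def executable_part(image_path):
    """Split an ImagePath into (executable path, was_quoted)."""
    p = image_path.strip()
    if p.startswith('"'):
        end = p.find('"', 1)
        return (p[1:end] if end != -1 else p[1:]), True
    m = EXE_END.search(p)
    if m:
        return p[:m.end()], False
    return (p.split()[0] if p else ""), False

def audit_paths(image_path):
    """For an unquoted executable path with spaces, return the earlier
    candidate paths Windows resolves before the intended binary (documented
    CreateProcess behaviour). These should not exist on disk and their parent
    directories should not be writable by non-administrators.
    An empty list means the entry is not affected."""
    exe, quoted = executable_part(image_path)
    if quoted or " " not in exe:
        return []
    parts = exe.split(" ")
    return [" ".join(parts[:i]) + ".exe" for i in range(1, len(parts))]

def findings(services):
    """Map each affected service to its corrected ImagePath and audit list."""
    out = {}
    for name, path in services.items():
        audit = audit_paths(path)
        if audit:
            exe, _ = executable_part(path)
            fixed = '"' + exe + '"' + path.strip()[len(exe):]
            out[name] = {"fix": fixed, "audit": audit}
    return out

if __name__ == "__main__":
    for name, info in findings(SAMPLE_SERVICES).items():
        print(name, "->", info["fix"], "| audit:", info["audit"])
```

On a real host, feed `findings` the ImagePath values exported from the registry; entries it returns should have their ImagePath replaced with the quoted form.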
