Softros LAN Messenger Unquoted Service Path Vulnerability in SoftrosSpellChecker Service
Vulnerability
An unquoted service path vulnerability has been identified in Softros LAN Messenger version 9.6.4, specifically in the SoftrosSpellChecker service. Because the service's executable path contains spaces and is not enclosed in quotation marks, a local attacker can place a malicious executable along that path and have it executed as arbitrary code, potentially leading to privilege escalation.
Impact
Exploitation of this vulnerability could allow local attackers to execute arbitrary code with elevated privileges.
Reproduction
The vulnerability can be reproduced by injecting a malicious executable into the unquoted service path of the SoftrosSpellChecker service. This can be done by placing the executable in the 'C:\Program Files (x86)\Softros Systems\Softros Messenger\Spell Checker\' directory. Once the executable is in place, the SoftrosSpellChecker service can be restarted, triggering the execution of the injected payload.
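A defender's check for this class of misconfiguration, as an added example that is not part of the original advisory or of Softros' own tooling: it flags services whose image path contains spaces but no quotes and proposes the quoted form. The function names and `EXAMPLE.exe` are hypothetical; the advisory does not name the service binary.

```powershell
# Added example (not from the advisory). Function names are hypothetical.
# Flags Windows services whose image path has spaces but is not quoted.
function Test-UnquotedServicePath {
    param([Parameter(Mandatory)][string]$PathName)
    $p = $PathName.Trim()
    if ($p.StartsWith('"')) { return $false }   # already quoted
    # Treat everything up to the first ".exe" as the executable, the rest as arguments.
    if ($p -notmatch '^(?<exe>.+?\.exe)(?<args>\s.*)?$') { return $false }
    return $Matches['exe'].Contains(' ')
}

function ConvertTo-QuotedServicePath {
    param([Parameter(Mandatory)][string]$PathName)
    $p = $PathName.Trim()
    if ($p -match '^(?<exe>.+?\.exe)(?<args>\s.*)?$') {
        # Quote only the executable; keep any arguments as they were.
        return '"' + $Matches['exe'] + '"' + $Matches['args']
    }
    return $p
}

function Get-UnquotedService {
    # Win32_Service.PathName holds the service's configured image path.
    Get-CimInstance -ClassName Win32_Service |
        Where-Object { $_.PathName -and (Test-UnquotedServicePath $_.PathName) } |
        ForEach-Object {
            [pscustomobject]@{
                Name     = $_.Name
                RunsAs   = $_.StartName
                Current  = $_.PathName
                Proposed = ConvertTo-QuotedServicePath $_.PathName
            }
        }
}

# Constructed samples; EXAMPLE.exe is a placeholder file name, not taken from the advisory.
$samples = @(
    'C:\Program Files (x86)\Softros Systems\Softros Messenger\Spell Checker\EXAMPLE.exe',
    '"C:\Program Files (x86)\Softros Systems\Softros Messenger\Spell Checker\EXAMPLE.exe"',
    'C:\Windows\System32\svchost.exe -k netsvcs'
)
foreach ($s in $samples) {
    '{0,-6} {1}' -f (Test-UnquotedServicePath $s), $s
}

# On a live host: Get-UnquotedService | Format-List
```

Review each `Proposed` value before writing it to the service's `ImagePath` value under `HKLM\SYSTEM\CurrentControlSet\Services\<name>`.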
