Druva inSync inSyncCPHwnet64.exe RPC Type 5 Privilege Escalation

Posted by deepcore on May 13, 2020 – 8:53 pm

Druva inSync client for Windows exposes a network service on TCP port 6064 on the local network interface. inSync versions 6.5.2 and prior do not validate user-supplied program paths in RPC type 5 messages, allowing execution of arbitrary commands as SYSTEM. This Metasploit module has been tested successfully on inSync version 6.5.2r99097 on Windows 7 SP1 (x64).

This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« [local] Remote Desktop Audit 2.3.0.157 – Buffer Overflow (SEH) Netsweeper WebAdmin unixlogin.php Python Code Injection »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Druva inSync inSyncCPHwnet64.exe RPC Type 5 Privilege Escalation

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL