2020
05.13

Druva inSync inSyncCPHwnet64.exe RPC Type 5 Privilege Escalation

Category: exploit / Tags: no tag / Add Comment

Druva inSync client for Windows exposes a network service on TCP port 6064 on the local network interface. inSync versions 6.5.2 and prior do not validate user-supplied program paths in RPC type 5 messages, allowing execution of arbitrary commands as SYSTEM. This Metasploit module has been tested successfully on inSync version 6.5.2r99097 on Windows 7 SP1 (x64).

No Comment.

Add Your Comment

Your Comment

You must be logged in to post a comment.