Description
Brother SAPSprint 7.60 contains an unquoted service path vulnerability in the SAPSprint service binary that allows local attackers to escalate privileges. Attackers can place a malicious executable in the Program Files directory path to be executed with LocalSystem privileges when the service starts automatically.
Problem types
Unquoted Search Path or Element
Product status
Credits
Brian Rodriguez
References
www.exploit-db.com/exploits/50061 (ExploitDB-50061)
brother.com/ (Official Product Homepage)
www.vulncheck.com/...uoted-service-path-privilege-escalation (VulnCheck Advisory: Brother SAPSprint 7.60 Unquoted Service Path Privilege Escalation)