Eclipse Mosquitto MQTT broker 2.0.9 – ‘mosquitto’ Unquoted Service Path – Digitalmunition




Exploit/Advisories spider-orange.png

Published on March 21st, 2021 📆 | 5646 Views ⚑

0

Eclipse Mosquitto MQTT broker 2.0.9 – ‘mosquitto’ Unquoted Service Path

# Exploit Title: Eclipse Mosquitto MQTT broker 2.0.9 - 'mosquitto' Unquoted Service Path
# Discovery by: Riadh Bouchahoua 
# Discovery Date: 19-03-2021
# Vendor Homepage: https://mosquitto.org/
# Software Links : https://mosquitto.org/download/
# Tested Version: 2.0.9
# Vulnerability Type: Unquoted Service Path
# Tested on OS: Windows 10 64 bits

# Step to discover Unquoted Service Path:



====

C:UsersAdmin>wmic service get name,pathname,startmode |findstr /i /v "C:Windows\" |findstr  "mosquitto"
mosquitto                                               C:Program Filesmosquittomosquitto.exe run                      

====

C:UsersAdmin>sc qc mosquitto
[SC] QueryServiceConfig réussite(s)

SERVICE_NAME: mosquitto
        TYPE               : 10  WIN32_OWN_PROCESS
        START_TYPE         : 2   AUTO_START
        ERROR_CONTROL      : 1   NORMAL
        BINARY_PATH_NAME   : C:Program Filesmosquittomosquitto.exe run
        LOAD_ORDER_GROUP   :
        TAG                : 0
        DISPLAY_NAME       : Mosquitto Broker
        DEPENDENCIES       :
        SERVICE_START_NAME : LocalSystem
            

Source link

Tagged with:



Leave a Reply