Home / os / winnt

Druva inSync inSyncCPHwnet64.exe RPC Type 5 Privilege Escalation

Posted on 13 May 2020

Druva inSync client for Windows exposes a network service on TCP port 6064 on the local network interface. inSync versions 6.5.2 and prior do not validate user-supplied program paths in RPC type 5 messages, allowing execution of arbitrary commands as SYSTEM. This Metasploit module has been tested successfully on inSync version 6.5.2r99097 on Windows 7 SP1 (x64).

 

TOP

Malware :

Exploits :