HomeGuard Pro version 9.3.1 suffers from an insecure folder permission vulnerability.

MD5 | a0e51a7e93f68de15cbd46648a358704

# Exploit Title: HomeGuard Pro 9.3.1 - Insecure Folder Permissions
# Exploit Author: boku
# Date: 2020-02-13
# Vendor Homepage: https://veridium.net
# Software Link: https://veridium.net/files_u/hg-pro/exe/HomeGuardPro-Setup.exe
# Version 9.3.1
# Tested On: Windows 10 (32-bit)

# HomeGuard Pro v9.3.1 - Unquoted Service Path + Insecure Folder/File/Service Permissions

## Service Information (Unquoted Service Path)
C:>wmic service get Name,PathName,StartMode,StartName | findstr /v "C:Windows" | findstr /i /v """
Name PathName StartMode StartName
HG52 AM VI C:Program FilesHomeGuard Provglset.exe Auto LocalSystem
HG52 AMC C:Program FilesHomeGuard Provglsetw.exe Auto LocalSystem
HG52 AM REM C:Program FilesHomeGuard Provglrem.exe Auto LocalSystem
HG52 AM SRV C:Program FilesHomeGuard Provglserv.exe Auto LocalSystem

## Insecure Folder Permission
C:>icacls "C:Program FilesHomeGuard Pro" | findstr /i "Users"
C:Program FilesHomeGuard Pro BUILTINUsers:(F)

## Insecure File/Service Permission
C:>icacls "C:Program FilesHomeGuard ProVGL*" | findstr /i "Users"
C:Program FilesHomeGuard Provglrem.exe BUILTINUsers:(I)(F)
C:Program FilesHomeGuard ProVGLSERV.EXE BUILTINUsers:(I)(F)
C:Program FilesHomeGuard Provglset.exe BUILTINUsers:(I)(F)
C:Program FilesHomeGuard Provglsetw.exe BUILTINUsers:(I)(F)

Source