CVE-2005-1372

BakBone NetVault 7.1 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-1372. PoCs published by Reed Arvin.

AI-analyzed exploit summary This exploit leverages a GUI-based privilege escalation vulnerability in BakBone NetVault's nvstatsmngr.exe by manipulating window properties to spawn a command prompt with LocalSystem privileges. The PoC uses the Windows API to uncover a hidden window and guide the user through a series of GUI interactions to achieve LPE.

Description

nvstatsmngr.exe process in BakBone NetVault 7.1 does not properly drop privileges before opening files, which allows local users to gain privileges via the Help menu.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Reed Arvin · clocalwindows

https://www.exploit-db.com/exploits/1161

View Code ZIP pw:eip

This exploit leverages a GUI-based privilege escalation vulnerability in BakBone NetVault's nvstatsmngr.exe by manipulating window properties to spawn a command prompt with LocalSystem privileges. The PoC uses the Windows API to uncover a hidden window and guide the user through a series of GUI interactions to achieve LPE.

Classification

Working Poc 90%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: BakBone NetVault (version unspecified, likely pre-2005)

Auth required

Prerequisites: Local access to a vulnerable system · BakBone NetVault installed with nvstatsmngr.exe running · GUI access to interact with the window

MITRE ATT&CK