HC10 hc.server Service 10.14 remote code execution vulnerability


HC10 is the domestic record information inquiry website.

There is a remote code execution vulnerability in HC10 hc.server Service 10.14. The Server Service in host controller HC10 10.14 allows an invalid pointer to write to DoS if an attacker can reach the Service on port 8794.If a physical attacker or malware can set up its own program for service failover options, it can be used to maintain persistence.The attacker program can then attempt to restart the affected service by calling "sc start HCServerService" to try to stay unnoticed.Access to vulnerable services without authentication was successfully tested on Windows 7/10.