RDPGuard 9.9.9 - Privilege Escalation

Author: Ahmet Ümit BAYRAM
type: local
platform: multiple
port: 
date_added: 2025-05-13  
date_updated: 2025-05-13  
verified: 0  
codes: CVE-n/a  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 52289.txt  

# Exploit Title: RDPGuard 9.9.9 - Privilege Escalation
# Discovered by: Ahmet Ümit BAYRAM
# Discovered Date: 09.05.2025
# Vendor Homepage: https://rdpguard.com
# Software Link: https://rdpguard.com/download.aspx
# Tested Version: 9.9.9 (latest)
# Tested on: Windows 10 (32bit)

# # # Steps to Reproduce # # #

# 1. Prepare a .bat file containing your reverse shell code.
# 2. Open RDPGuard.
# 3. Navigate to Tools > Custom Actions / Notifications.
# 4. Click the "Add" button.
# 5. Leave "Event" as "IP Blocked".
# 6. Select "Execute Program" from the "Action" dropdown.
# 7. Under the "Program/script" field, select your prepared .bat file.
# 8. Set up your listener.
# 9. Click "Test Run".
# 10. A reverse shell as NT AUTHORITY\SYSTEM is obtained!