NO-IP DUC version 4.1.1 suffers from a dll hijacking vulnerability.
cff422994d0c40b2f0c51b2cbde558d2e9c60e76675ddff1d5d4f35d5bb31604
=====================================================
# NO-IP DUC v4.1.1 - DLL Hijacking
=====================================================
# Vendor Homepage: http://noip.com
# Date: 20 Oct 2016
# Software Link : http://www.noip.com/client/DUCSetup_v4_1_1.exe
# Version : 4.1.1
# Author: Ashiyane Digital Security Team
# Contact: hehsan979@gmail.com
=====================================================
# Description :
DUC40.exe can be exploited to execute arbitrary code on victims system via
DLL hijacking.
# Vulnerable Libraries:
bcryptPrimitives.dll
CRYPTSP.dll
CRYPTBASE.dll
# PoC:
1. Create a malicious 'bcryptPrimitives.dll' or 'CRYPTSP.dll' or
'CRYPTBASE.dll' file and save it in "C:\Program Files\No-IP"
directory.
2. Execute DUC40.exe from "C:\Program Files\No-IP" directory.
3. Malicious dll file gets executed.
=====================================================
# Discovered By : Ehsan Hosseini
=====================================================