0day.today - Biggest Exploit Database in the World.
Things you should know about 0day.today:
Administration of this site uses the official contacts. Beware of impostors!
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn GOLD
Administration of this site uses the official contacts. Beware of impostors!
We DO NOT use Telegram or any messengers / social networks!
Please, beware of scammers!
Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Vonage VDV-23 - Denial of Service Exploit
Author
Risk
[
Security Risk Medium
]0day-ID
Category
Date add
CVE
Platform
Overview During an evaluation of the Vonage home phone router, it was identified that the loginUsername and loginPassword parameters were vulnerable to a buffer overflow. This overflow caused the router to crash and reboot. Further analysis will be performed to find out if the the crash is controllable and allow for full remote code execution. Device Description: 1 port residential gateway Hardware Version: VDV-23: 115 Original Software Version: 3.2.11-0.9.40 Exploitation Writeup This exploit was a simple buffer overflow. The use of spike fuzzer took place to identify the crash condition. When the application crashes, the router reboots causing a denial of service condition. The script below was further weaponized to sleep for a 60 second period while the device rebooted then continue one execution after another. Proof of concept code: The code below was used to exploit the application. This testing was only performed against denial of service conditions. The crash that was experienced potentially holds the ability to allow remote code execution. Further research will be performed against the device. DOSTest.py import requests passw = 'A' * 10580 post_data = {'loginUsername':'router', 'loginPassword':passw, 'x':'0', 'y':'0'} post_response = requests.post(url='http://192.168.15.1/goform/login', data=post_data) # 0day.today [2024-12-25] #