Frigate 3.36.0.9 command line local buffer overflow (seh) (poc) Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2020-06-08 |
Type : local |
Platform : windows
[+] Code ...
# Exploit Title: Frigate 3.36.0.9 - 'Command Line' Local Buffer Overflow (SEH) (PoC)
# Vendor Homepage: http://www.frigate3.com/
# Software Link Download: http://www.frigate3.com/download/frigate3_pro.exe
# Exploit Author: Paras Bhatia
# Discovery Date: 2020-06-07
# Vulnerable Software: Frigate
# Version: <= 3.36.0.9
# Vulnerability Type: Local Buffer Overflow
# Tested on: Windows 7 Ultimate Service Pack 1 (32 bit - English)
#Steps to Produce the Crash:
# 1.- Run python code: FrigateLCE.py
# 2.- Copy content to clipboard
# 3.- Turn off DEP for Frigate3.exe
# 4.- Open "Frigate3.exe"
# 5.- Go to "Command" > "Command Line" > "Activate Command Line"
# 6.- Paste ClipBoard into the "Command Line" field which appears at the bottom of the Frigate application.
# 7.- Press Enter from Keyboard.
# 7.- Click on OK in the dialog box that appears.
# 8.- Calc.exe runs.