Dec 24, 2014 - 6:59 p.m.

Immunity Canvas: CVE_2014_9222

2014-12-24 18:59:00
Immunity Canvas
exploitlist.immunityinc.com

EPSS: 0.97 (High), Percentile: 99.8%

Name: CVE_2014_9222
CVE: CVE-2014-9222 Exploit Pack
VENDOR: Allegro
Notes:
This module exploits the arbitrary memory overwrite vulnerability in the RomPager embedded web server, which was originally reported by Check Point.
The current version of the module and its offsets are based on RomPager 5.04 running on TP-Link TD-W8961ND_V2_120427 firmware.
ZyNOS provides a console command, “sys pswauthen”, that can be used to temporarily disable authentication on the web-based management interfaces.
This command sets a special flag in memory, which this exploit overwrites to enable or disable authentication.
The current version of the module does not support dynamic calculation of the authentication flag's offset, but it would be easy to calculate once the model of the target device is known.

Using this exploit against other vulnerable versions/devices WILL CAUSE A CRASH AND REBOOT of the device.

Repeatability: Infinite
References: http://mis.fortunecook.ie/
CVE Url: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9222
CVSS: 7.5