header-logo
Suggest Exploit
vendor:
Xpressa Handsets
by:
Unknown
7.5
CVSS
HIGH
Remote Denial of Service
Unknown
CWE
Product Name: Xpressa Handsets
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: NO
Related CWE: Unknown
CPE: Unknown
Metasploit:
Other Scripts:
Platforms Tested: Unknown
Unknown

Pingtel Xpressa Handsets Remote Denial of Service Vulnerability

Pingtel Xpressa handsets are prone to a remote denial of service vulnerability due to a lack of sufficient boundary checks performed on HTTP request data handled by the Xpressa administration web server. A remote attacker can exploit this vulnerability to effectively deny service to the affected handset and potentially execute arbitrary code.

Mitigation:

No known mitigation or remediation available
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/11161/info

Pingtel Xpressa handsets are reported prone to a remote denial of service vulnerability. The issue is reported to exist because of a lack of sufficient boundary checks performed on HTTP request data handled by the Xpressa administration web server. 

It is reported that a remote attacker may exploit this vulnerability to effectively deny service to the affected handset. Due to the nature of this vulnerability, it is reported that this issue may be exploited in order to execute arbitrary code.

GET /<buffer>/cgi/application.cgi HTTP/1.0
Authorization: Basic [base64authstring]

Navigation

Suggest Exploit

Services By CQR