vendor:
SpotDialup
by:
Ismail Tasdelen
7.5
CVSS
HIGH
Denial of Service
400
CWE
Product Name: SpotDialup
Affected Version From: 1.6.7
Affected Version To: 1.6.7
Patch Exists: NO
Related CWE: N/A
CPE: a:nsauditor:spotdialup
Metasploit:
N/A
Other Scripts:
N/A
Platforms Tested: Windows 10
2020
SpotDialup 1.6.7 – ‘Name’ Denial of Service (PoC)
SpotDialup is vulnerable to a denial of service attack when a malicious user sends an overly long string to the 'Name' field. This causes the application to crash.
Mitigation:
Users should avoid opening files from untrusted sources and should apply the latest patches provided by the vendor.
