The vulnerability allows an attacker to execute arbitrary commands on the target system by uploading a malicious PHP file. By appending ",php" to the end of the Extensions_userfiles field in the CMS Settings, an attacker can upload a shell.php file via the Media section and access it remotely.
This exploit is a local exploit for GSM SIM Utility. It allows for a direct return-oriented programming attack. The code provided in the script is for educational purposes only and should not be used for illegal activities.
A buffer overflow vulnerability exists in GSM SIM Utility 5.15, which allows an attacker to execute arbitrary code by sending a specially crafted SMS file. The vulnerability is due to a lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can exploit this vulnerability by sending a specially crafted SMS file to the vulnerable application, which can result in arbitrary code execution.
Services By CQR