iCash 7.6.5 - Denial of Service (PoC)

vendor:

iCash

by:

Gionathan "John" Reale

5.5

CVSS

MEDIUM

Denial of Service

400

CWE

Product Name: iCash

Affected Version From: 7.6.2005

Affected Version To: 7.6.2005

Patch Exists: NO

Related CWE:

CPE: a:maxprog:icash:7.6.5

Metasploit:

Other Scripts:

Platforms Tested: Windows 7 32-bit

2018

iCash 7.6.5 – Denial of Service (PoC)

This exploit creates a malicious payload that causes a denial of service in iCash version 7.6.5. The payload is a string of 'A' characters with a length of 7000. When the payload is pasted into the 'Host' field during the 'Connect to Server...' process, it causes the program to crash.

Mitigation:

Update to a patched version of iCash that addresses the vulnerability.

Source

iCash 7.6.5 – Denial of Service (PoC)

Mitigation:

Exploit-DB raw data: