vendor:
TapinRadio
by:
Victor Mondragón
7.8
CVSS
HIGH
Denial of Service
400
CWE
Product Name: TapinRadio
Affected Version From: 2.11.6
Affected Version To: 2.11.6
Patch Exists: YES
Related CWE: N/A
CPE: a:raimersoft:tapinradio:2.11.6
Metasploit:
N/A
Other Scripts:
N/A
Platforms Tested: Windows 7 Service Pack 1 x64
2019
TapinRadio 2.11.6 – ‘Uername’ Denial of Service (PoC)
TapinRadio 2.11.6 is vulnerable to a denial of service attack when a maliciously crafted username is provided. By providing a username of 10000 'A' characters, the application will crash when the user attempts to set the application proxy.
Mitigation:
Users should ensure that they are running the latest version of TapinRadio and should not provide untrusted input to the application.
