header-logo
Suggest Exploit
vendor:
Firewalls
by:
Shadow Brokers
9,3
CVSS
HIGH
Remote Code Execution
119
CWE
Product Name: Firewalls
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2016

TOPSEC Firewalls – Remote Code Execution (ELIGIBLECONTESTANT)

This exploit allows remote attackers to execute arbitrary code on vulnerable installations of TOPSEC Firewalls. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of ELIGIBLECONTESTANT requests. By sending a specially crafted ELIGIBLECONTESTANT request, an attacker can cause a stack-based buffer overflow, resulting in remote code execution under the context of the application.

Mitigation:

Upgrade to the latest version of TOPSEC Firewalls
Source

Exploit-DB raw data:

# Exploit Title: TOPSEC Firewalls - Remote Code Execution (ELIGIBLECONTESTANT)
# Date: 19-08-2016
# Exploit Author: Shadow Brokers
# Vendor Homepage: http://www.topsec.com.cn/


Full Exploit:
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/40272.zip

Navigation

Suggest Exploit

Services By CQR