Published: 19/06/2015 Updated: 03/12/2016

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Stack-based buffer overflow in AirTies Air 6372, 5760, 5750, 5650TT, 5453, 5444TT, 5443, 5442, 5343, 5342, 5341, and 5021 DSL modems with firmware 1.0.2.0 and previous versions allows remote malicious users to execute arbitrary code via a long string in the redirect parameter to cgi-bin/login.

Vulnerable Product	Search on Vulmon	Subscribe to Product
airties air_firmware

#!/usr/bin/env python ##################################################################################### # Exploit for the AIRTIES Air5650v3TT # Spawns a reverse root shell # Author: Batuhan Burakcin # Contact: batuhan@bmicrosystemscom # Twitter: @batuhanburakcin # Web: wwwbmicrosystemscom ############################################# ...

## # This module requires Metasploit: metasploitcom/download # Current source: githubcom/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Remote::HttpClient include Msf::Exploit::CmdStager def initialize(info = {}) super(update_i ...

qiling framework examples

Having fun with Qiling Framework Contents Fuzzing Old Airties 5650 firmware exploit experiment (CVE-2015-2797) devilinsideme/blogs/reproducing-ndays-qiling Malware Metasploit shellcode windows payload analyzing example devilinsideme/blogs/analyzing-shellcode-qiling-framework Emulation aescrypt2 emulation devilinsideme/blogs/decrypt-co

CWE-119 http://www.bmicrosystems.com/blog/exploiting-the-airties-air-series/http://osvdb.org/show/osvdb/120335 https://www.exploit-db.com/exploits/36577/https://www.exploit-db.com/exploits/37170/http://www.securityfocus.com/bid/75355 https://nvd.nist.gov https://github.com/echel0nn/having-fun-with-qiling https://www.exploit-db.com/exploits/36577/

CVE-2015-2797

Vulnerability Summary

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect