Published: 24/06/2019 Updated: 24/08/2020

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

The HC.Server service in Hosting Controller HC10 10.14 allows an Invalid Pointer Write DoS.

Vulnerable Product	Search on Vulmon	Subscribe to Product
hostingcontroller hc10 10.14

[+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinxaltervistaorg [+] Source: hyp3rlinxaltervistaorg/advisories/HC10-HCSERVER-1014-REMOTE-INVALID-POINTER-WRITEtxt [+] ISR: ApparitionSec [Vendor] wwwhostingcontrollercom [Product] HC10 HCServer Service 1014 HC10 is a unified hosting automation control pa ...

The HCServer service in Hosting Controller HC10 1014 allows an Invalid Pointer Write DoS if attackers can reach the service on port 8794 In addition this can potentially be leveraged for post exploit persistence with SYSTEM privileges, if physical access or malware is involved If a physical attacker or malware can set its own program for the se ...

CWE-787 https://help.hostingcontroller.com/OnlineHelp/default.aspx?pageid=hc_release_notes http://hyp3rlinx.altervista.org http://seclists.org/fulldisclosure/2019/Jun/28 https://nvd.nist.gov https://www.exploit-db.com/exploits/46995

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2019-12323

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect