Name | CVE_2014_9222 |
---|---|
CVE | CVE-2014-9222 Exploit Pack |

Vendor: Allegro

Notes:
This module exploits the arbitrary memory overwrite vulnerability in the RomPager embedded web server, which was originally disclosed by Check Point.
The current version of the module and the offsets it uses are calculated for RomPager 5.04 running on TP-Link TD-W8961ND_V2_120427 firmware.
ZyNOS provides a console command, "sys pswauthen", that can be used to temporarily disable authentication on the web-based management interfaces.
This command sets a special flag in memory, which this exploit overwrites to enable or disable authentication.
The current version of the module does not support dynamic calculation of the authentication flag's offset, but knowing the model of the target device, it would be easy to calculate it.
Using this exploit against other vulnerable versions/devices WILL CAUSE A CRASH AND REBOOT of the device.

Repeatability: Infinite
References: http://mis.fortunecook.ie/
CVE Url: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9222
CVSS: 7.5