EXPLOITDB-EDB-47476

EXPLOITDB python WORKING POC
Exploit for CVE-2019-25436 - Sricam DeviceViewer 3.12.0.1 - Auth Bypass
AI Analysis

This exploit demonstrates an arbitrary password change vulnerability in DeviceViewer 3.12.0.1 by leveraging a buffer overflow in the password change functionality. The PoC generates a malicious payload file that, when used as the 'old password,' bypasses authentication and allows setting a new password.

Attack Type
auth_bypass
Complexity
trivial
Reliability
reliable
MITRE ATT&CK
T1068 - Exploitation for Privilege Escalation
Loading exploit code...
Download ZIP Password: eip
Source
Platform Exploitdb
Type local
Platform windows
Language python
Files 1
Authors
Alessandro Magnosi
Vulnerability
CVE-2019-25436
Sricam DeviceViewer 3.12.0.1 - Auth Bypass
MEDIUM
CVSS 6.5