CVE-2004-1781

Info Touch Surfnet - Denial of Service and Unauthorized OS Access via CMD_CREDITCARD_CHARGE Command

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-1781. PoCs published by Rift_XT.

AI-analyzed exploit summary The exploit describes a denial-of-service vulnerability in Surfnet via the CMD_CREDITCARD_CHARGE command with malformed arguments, causing the software to crash and drop the user into the underlying OS. No actual exploit code is provided, only a description and an example command.

Description

Info Touch Surfnet kiosk allows local users to crash Surfnet and access the underlying operating system via the CMD_CREDITCARD_CHARGE command.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Rift_XT · textdoswindows
https://www.exploit-db.com/exploits/23512

The exploit describes a denial-of-service vulnerability in Surfnet via the CMD_CREDITCARD_CHARGE command with malformed arguments, causing the software to crash and drop the user into the underlying OS. No actual exploit code is provided, only a description and an example command.

Classification
Writeup 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Theoretical
Target: Surfnet (version unspecified)
No auth needed
Prerequisites: Access to the Surfnet CMD_CREDITCARD_CHARGE command interface
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1
Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/9348

Scores

EPSS 0.0069
EPSS Percentile 48.1%

Details

Status published
Products (1)
info_touch/surfnet 1.31
Published Dec 31, 2004
Tracked Since Feb 18, 2026