CVE-2008-1401

MG-SOFT Net Inspector <6.5.0.828 - RCE

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-1401. PoCs published by Luigi Auriemma.

AI-analyzed exploit summary This is a detailed technical writeup by Luigi Auriemma describing multiple vulnerabilities in MG-SOFT Net Inspector, including format string, directory traversal, crash, and DoS issues. It provides specific exploit strings and technical details for each vulnerability.

Description

Format string vulnerability in the Net Inspector HTTP server (mghttpd) in MG-SOFT Net Inspector 6.5.0.828 and earlier for Windows allows remote attackers to execute arbitrary code via format string specifiers in the URI, which is recorded in a log file.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Luigi Auriemma · textremotewindows

https://www.exploit-db.com/exploits/5269

View Code ZIP pw:eip

This is a detailed technical writeup by Luigi Auriemma describing multiple vulnerabilities in MG-SOFT Net Inspector, including format string, directory traversal, crash, and DoS issues. It provides specific exploit strings and technical details for each vulnerability.

Classification

Writeup 100%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: MG-SOFT Net Inspector <= 6.5.0.828

No auth needed

Prerequisites: Network access to the target service

MITRE ATT&CK