This is a writeup describing a denial of service (DoS) vulnerability in DirectAdmin Control Panel versions 1.50.1 and older. The vulnerability allows an attacker to crash the service by sending excessively long username and password fields in a POST request to the login endpoint.
Classification: Writeup 90%
Attack Type: DoS
Complexity: Trivial
Reliability: Reliable
Target: DirectAdmin Control Panel 1.50.1 and older
No auth needed
Prerequisites: Network access to the DirectAdmin login endpoint (typically port 2222)