This exploit sends a malformed HTTP GET request with an oversized path (//.\ repeated 330 times) to trigger a denial-of-service condition in Mereo 1.8.0. The attack leverages a buffer overflow or similar vulnerability in the HTTP request parser.
Classification
Working Poc 95%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target:Mereo 1.8.0
No auth needed
Prerequisites:Network access to the target server · Target server running Mereo 1.8.0