EDB-ID: 41851 CVE: 2017-7456 Author: HYP3RLINX Type: DOS Platform: WINDOWS Date: 2017-04-10 Vulnerable App: MXview v2.8 Vulnerability Details Vendor: www.moxa.com Product: MXview v2.8 - Industrial Network Management Software - Features: Auto discovery, Event playback, Visualized network data, etc. Vulnerability Type: Denial Of Service CVE Reference: CVE-2017-7456 Security Issue: Remote attackers can DOS MXView server by sending large strings of junk characters for the user ID and password field login credentials. Network Access: Remote Severity: Medium Disclosure Timeline: - Vendor Notification: March 5, 2017 - Vendor confirms vulnerability: March 21, 2017 - Vendor "updated firmware April 7, 2017": March 29, 2017 - Public Disclosure: April 9, 2017 POC/Exploit A code snippet in Python that automates the process of sending large strings to the MXview server's login fields. Disclaimer: Provided for educational purposes only. Unauthorized use is illegal.