# Vulnerability Summary: Central Management Software 1.4.13 Denial of Service Vulnerability (PoC) ## Vulnerability Overview - **EDB-ID**: 45207 - **Author**: Gionathan Reale - **Publication Date**: 2018-08-16 - **Vulnerability Type**: Denial of Service (DoS) - **Platform**: Windows x86 64-bit - **Affected Version**: Central Management Software v1.4.13 ## Impact Scope - **Operating System**: Windows 10 - **Software Version**: 1.4.13 - **Vulnerability Description**: By crafting malicious input, the CMS client program can be forced to crash. ## Remediation - No specific remediation steps or patch information are currently provided on the page. ## POC Code ```python #!/usr/bin/python # Exploit Title: Central Management Software v1.4.13 - Denial of Service (PoC) # Author: Gionathan "John" Reale # Discovery Date: 2018-08-16 # Homepage: https://www.ambientweather.com # Software Link: https://p10.secure.hostingprod.com/@site.ambientweatherstore.com/ssl/Manuals/ambientcam/04_central_management_software.zip # Tested Version: 1.4.13 # Tested on OS: Windows 10 # Steps to Reproduce: Run the python exploit script, it will create a new # file with the name "exploit.txt" just copy the text inside "exploit.txt" # and start the CMS client program. In the new window paste the content of # "exploit.txt" into the following fields: "Password". Click "login" and you will see a crash. ```