Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-28926 PoC — ReadyMedia 安全漏洞

Source
https://github.com/lorsanta/exploit-CVE-2020-28926
Associated Vulnerability
Title:ReadyMedia 安全漏洞 (CVE-2020-28926)
Description:ReadyMedia(原名MiniDLNA)是一套兼容LNA/UPnP-AV客户端的媒体服务软件。该软件支持音乐、图片、视频等媒体文件。 ReadyMedia 1.3.0之前版本存在安全漏洞,该漏洞允许远程代码执行。使用HTTP分块编码向小型服务发送恶意的通用即取即付HTTP请求会导致签名错误,从而在调用memcpy memmove时造成缓冲区溢出。
Readme
# exploit-CVE-2020-28926
## Reference
https://www.rootshellsecurity.net/remote-heap-corruption-bug-discovery-minidlna/
## Build
Copy the folder containing minidlna-1.2.1 source and run build_and_run.sh
File Snapshot

 [4.0K]  /data/pocs/6c6ef1abd07c6fd950dc687f4603993e1c60de4f
├── [ 126]  build_and_run.sh
├── [ 536]  Dockerfile
├── [1.6K]  explot.py
└── [ 202]  README.md

0 directories, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.