CVE-2019-3719 PoC — Dell SupportAssist Client 输入验证错误漏洞

Source

https://github.com/jiansiting/CVE-2019-3719

Associated Vulnerability

Title:Dell SupportAssist Client 输入验证错误漏洞 (CVE-2019-3719)
Description:Dell SupportAssist Client是美国戴尔（Dell）公司的一款客户端应用程序。该程序提供自动化、主动和预测性技术进行故障排除等。 Dell SupportAssist Client 3.2.0.90之前版本存在输入验证错误漏洞。该漏洞源于网络系统或产品未对输入的数据进行正确的验证。

Readme

Dell SupportAssist RCE Proof of Concept

This is the proof of concept source code for CVE-2019-3719, a vulnerability in most of all Dell machines that allowed for remote code execution. 

Usage

python3 main.py [Interface Name] [Victim IP] [Gateway IP] [Payload Filename]

File Snapshot


 [4.0K]  /data/pocs/a0a68661a6bec2391714e9b9608b02163ffcb205
├── [1.9K]  ARPSpoofer.py
├── [1.8K]  DNSSpoofer.py
├── [1.0K]  LICENSE
├── [1.1K]  main.py
├── [ 272]  README.md
├── [ 351]  SocketHelper.py
└── [4.5K]  WebServer.py

0 directories, 7 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!