Skip to content

Instantly share code, notes, and snippets.

Dustin Noe dustinnoe

Block or report user

Report or block dustinnoe

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View SRN-x WebViewer DOS Vulnerability
> [Suggested description]
> An issue was discovered in NVR WebViewer on Hanwah Techwin SRN-472s
> 1.07_190502 devices, and other SRN-x devices before 2019-05-03. A
> system crash and reboot can be achieved by submitting a long username
> in excess of 117 characters. The username triggers a buffer overflow
> in the main process controlling operation of the DVR system, rendering
> services unavailable during the reboot operation. A repeated attack
> affects availability as long as the attacker has network access to the
> device.
# Modified by Dustin Noe
# Last Updated: 5/28/15
# -added option to perform a regular expression cleaned output with cheap base64 detection/decode
# Modified by Travis Lee
# Last Updated: 4/21/14
# Version 1.16
You can’t perform that action at this time.