漏洞描述
TVMOBiLi 2.1.0.3974之前版本的HttpUtils.dll中存在多个栈缓冲区溢出漏洞,攻击者可以向服务器的TCP/30888端口发送HTTP请求,通过GET或HEAD方法中的超长字符串造成拒绝服务攻击(tvMobiliService服务崩溃)。
TVMOBili HTTP Request拒绝服务漏洞
PoC代码
暂无相关漏洞推荐
- POC wp-jetpack-ssrf: Wordpress Jetpack plugin - Server Side Request Forgery
- POC CVE-2021-22175: GitLab CI Lint API - Server-Side Request Forgery
- POC CVE-2023-23897: Ozette Plugins - Cross-Site Request Forgery
- POC CVE-2024-20404: Cisco Finesse - Server-Side Request Forgery (SSRF)
- POC CVE-2025-10211: ChanCMS <= 3.3.0 - Server-Side Request Forgery
- POC te-cl-http-smuggling: Basic TE.CL - HTTP Request Smuggling
- POC bentoml-ssrf: Bentoml - Server Side Request Forgery
- POC gradio-image-ssrf: Gradio Image Component - Server-Side Request Forgery
- POC 用友nc soapRequest.ajax 命令执行漏洞
- 泛微 OA E-Cology deleteUserRequestInfoByXml 文件读取漏洞(CVE-2023-2806)
- POC CVE-2014-4210: Oracle Weblogic - Server-Side Request Forgery
- POC CVE-2015-8813: Umbraco <7.4.0- Server-Side Request Forgery
- POC CVE-2017-0929: DotNetNuke (DNN) ImageHandler <9.2.0 - Server-Side Request Forgery