Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1325 CNY

100%
Buy Us a Coffee

CVE-2023-40459 PoC — Improper input leads to DoS

Source
https://github.com/majidmc2/CVE-2023-40459
Associated Vulnerability
Title:Improper input leads to DoS (CVE-2023-40459)
Description: The ACEManager component of ALEOS 4.16 and earlier does not adequately perform input sanitization during authentication, which could potentially result in a Denial of Service (DoS) condition for ACEManager without impairing other router functions. ACEManager recovers from the DoS condition by restarting within ten seconds of becoming unavailable.
Description
PoC of CVE-2023-40459 (DoS on ACEmanager)
Readme
# Intro
This repository contains PoC the **CVE-2023-40459** vulnerability. This vulnerability affects the ACEManager file in the ALEOS 4.16 and earlier versions, a product of Sierra Wireless. This attack, without any initial access rights, can lead to disruption in accessing the target device (DoS).
To use it, execute the following command:

```bash
$ python3 PoC-CVE-2023-40459.py [Address: http://target]  [Port: 9091]
```
File Snapshot

Log in to view the POC file snapshot cached by Shenlong Bot

Log in to view
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →