Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-30800 PoC — MikroTik RouterOS Web Interface Heap Corruption

Source
https://github.com/KhogenTheRabbit/cve-2023-30800-multithread-doser
Associated Vulnerability
Title:MikroTik RouterOS Web Interface Heap Corruption (CVE-2023-30800)
Description:The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue. A remote and unauthenticated attacker can corrupt the server's heap memory by sending a crafted HTTP request. As a result, the web interface crashes and is immediately restarted. The issue was fixed in RouterOS 6.49.10 stable. RouterOS version 7 is not affected.
Description
Multithredded DoS Python Script For CVE-2023-30800
Readme
# cve-2023-30800-multithread-doser
Multithredded DoS Python Script For CVE-2023-30800

⚠️ NOTE: I'm not liable for any damages caused by this tool, it is provided as a testing utility only to be used on authorized networks

Usage:

`dos.py --address {IP-ADDRESS} --threads {THREAD-COUNT}`

Requirements:

* Python 3.6 >
* Requests

Install Requirements:

`pip install requests`


CVE: "https://nvd.nist.gov/vuln/detail/CVE-2023-30800"

POC: "https://gist.github.com/j-baines/fdd1e85482838c6299900c1e859071c2"
File Snapshot

 [4.0K]  /data/pocs/073d076e9b92236a1bfdd360998fecb7eac92da7
├── [2.1K]  dos.py
├── [ 34K]  LICENSE
└── [ 513]  README.md

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →