Ripple20 CVE POC

I have been working on a Ripple20 POC, more specifically CVE-2020-11896. I know how to use the ICMP primitive in order to shape the heap and worked with CVE-2020-11898, but I want to make a working example of the RCE. Would one have to have inner domain knowledge to know how to execute an RCE on these embedded devices? You can’t just run shell commands like usual. So would you have to craft a specific payload for each device?

Also, does the POC by JSOF only include the DIGI product? Wouldn’t you also have to find a new primitive for allocating memory on another device with a different heap?

Touch here for the full post on Network Security Noblemen tumblr
