Exploit for Cross-Site Request Forgery (CSRF) in Tautulli CVE-2019-19833

## https://sploitus.com/exploit?id=73282F91-BCD2-5A47-A9A0-C8D9C1CCC282
# Tautulli v2.1.9 - Shutdown Denial of Service

Tautulli versions 2.1.9 and prior are vulnerable to a denial of service (DoS) attack via the `/shutdown` URL. This vulnerability allows an unauthenticated attacker to remotely shut down the Tautulli server.

## Vulnerability Details

- **CVE ID**: CVE-2019-19833
- **Exploit Database**: [47785](https://www.exploit-db.com/exploits/47785)
- **Vulnerability Type**: Denial of Service (DoS)
- **Affected Versions**: Tautulli 
   run
   ```

## Python PoC

A Python PoC script is provided in `tautulli_exploit.py`. It uses the `requests` and `rich` libraries for a clean CLI experience.

### Requirements

- Python 3.x
- `requests`
- `rich`

Install dependencies:

```bash
pip install requests rich
```

### Usage

```bash
python3 tautulli_exploit.py -t  -p 8181
```

Options:

- `-t`, `--target`: Target IP or hostname (Required)
- `-p`, `--port`: Target port (Default: 8181)
- `--timeout`: Request timeout in seconds (Default: 10)

## Author

- Ismail Tasdelen

## License

This project is licensed under the MSF_LICENSE (Metasploit Framework License).