Managed Switch Port Mapping Tool Denial-of-Service Vulnerability

A denial-of-service vulnerability has been identified in Managed Switch Port Mapping Tool version 2.85.2. This vulnerability allows attackers to crash the application by creating an oversized buffer. By generating a 10,000-character buffer and pasting it into the IP Address and SNMP Community Name fields, the application can be triggered to crash.

Impact

Exploitation of this vulnerability leads to a crash of the application, causing a denial-of-service condition where the tool becomes unresponsive or unavailable for use.

Reproduction

To reproduce this vulnerability, open Managed Switch Port Mapping Tool version 2.85.2 on a Windows 10 Home x64 system. Select 'Settings' from the 'Router/Srvr 1' menu for layer 2 switches. Run the provided Python exploit script, which will create a text file containing a 10,000-character buffer. Copy the buffer from this file and paste it into the 'IP Address' and 'SNMP v1/v2c Read Community Name' fields. Click 'OK' to trigger the application crash.