Sysax Multi Server Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in Sysax Multi Server version 6.95. The issue is in the administrative password field: overwriting the password with 800 bytes of repeated characters crashes the application and disrupts server functionality.

Impact

Exploitation of this vulnerability causes the application to crash, interrupting server operations.

Reproduction

To reproduce this vulnerability, upload a Python script that generates a buffer of 800 bytes of repeated characters. After running the script, copy the generated payload into the administrative password field of the Sysax Multi Server application. Save the changes to trigger the crash.

Added: Jan 13, 2026, 11:41 PM
Updated: Jan 13, 2026, 11:41 PM

Vulnerability Rating

Custom Algorithm

spread: 1.6
impact: 2.5
exploitability: 6.3
remediation: 0.0
relevance: 2.0
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.