CVE-2013-0680
published 2013-04-05

CVE-2013-0680: Stack-based buffer overflow in the web server in Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22…

Priority: P357, high, 7.5 (CVSS 2.0)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 19.26% (97.0th percentile)

Stack-based buffer overflow in the web server in Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long HTTP header.

Affected

12 ranges

| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cogentdatahub | cascade_datahub | <= 6.4.21 | |
| cogentdatahub | cascade_datahub | | |
| cogentdatahub | cogent_datahub | <= 7.2.2 | |
| cogentdatahub | cogent_datahub | | |
| cogentdatahub | cogent_datahub | | |
| cogentdatahub | cogent_datahub | | |
| cogentdatahub | cogent_datahub | | |
| cogentdatahub | cogent_datahub | | |
| cogentdatahub | cogent_datahub | | |
| cogentdatahub | datahub_quicktrend | <= 7.2.2 | |
| cogentdatahub | opc_datahub | <= 6.4.21 | |
| cogentdatahub | opc_datahub | | |

Detection & IOCs (extracted from sources)

port 80/TCP
port 443/TCP
  • Detect anomalously long HTTP header values in requests to the Cogent DataHub web server on ports 80/TCP and 443/TCP; a stack-based buffer overflow is triggered by an unusually long HTTP header parameter.
  • The vulnerable code path involves a dangerous use of strncpy() while handling HTTP headers; look for oversized HTTP header fields in traffic destined for the Cogent DataHub HTTP server.
  • Monitor for exploitation attempts against Cogent DataHub 7.3.0 (Demo) on Windows XP SP3, as this is the confirmed tested environment for the Metasploit module.
  • The DataHub web server can be disabled entirely if not in use; if disabled, the HTTP-based attack surface for CVE-2013-0680 is eliminated.
  • Ports 80/TCP (and 443/TCP) should be blocked at the firewall if internet-facing access to the DataHub is not required, limiting exploitation to local network attackers only.
  • A public Metasploit exploit module exists for this vulnerability (cogent_datahub_request_headers_bof.rb), contradicting the CISA advisory's claim of no known public exploits at time of original publication.