This repository has been archived by the owner on Apr 15, 2024. It is now read-only.
Improved formatting and minor changes to wording
robertguetzkow committed Apr 1, 2022
1 parent c3079e3 commit 508d687
Showing 1 changed file with 3 additions and 2 deletions.
5 changes: 3 additions & 2 deletions README.md
Expand Up @@ -13,7 +13,7 @@
## Introduction

CVE-2021-37740 is a denial of service (DoS) vulnerability that affects firmware v3.0.3 of the KNXnet/IP Secure router SCN-IP100.03 and interface SCN-IP000.03 by MDT.
A specially crafted KNXnet/IP Secure frame would result in a device that is unresponsive to further requests, requiring a reboot the restore normal operations.
A specially crafted KNXnet/IP Secure frame results in a device that is unresponsive to further requests, requiring a reboot the restore normal operations.
This respository contains a proof of concept that demonstrates how the bug can be triggered, which was originally developed for the coordinated vulnerability disclosure.

## The Vulnerability
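Review bot: the replacement line "A specially crafted KNXnet/IP Secure frame results in a device that is unresponsive to further requests, requiring a reboot the restore normal operations." keeps the typo "a reboot the restore"; it should read "requiring a reboot to restore normal operations". While this paragraph is being touched, the unchanged context line below it misspells "respository", which could be corrected to "repository" in the same commit.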
Expand All @@ -34,13 +34,14 @@ The `poc.py` tries to trigger the DoS vulnerability by sending the invalid `SESS
The scripts can be executed with the following commands, where `<insert IP address>` has to be replaced with the actual IP address (e.g. `192.168.2.137`).

`python3 healthcheck.py -t <insert IP address>`

`python3 poc.py -t <insert IP address>`

On Windows the alias for Python may have to be changed from `python3` to `python`. If the target device implements the control endpoint on a port other than `3671`, then the port in the script has to be adjusted accordingly.

## Remediation

The vulnerability was fixed in firmware v3.0.4, as documented by the [change log](https://www.mdt.de/download/MDT_CL_SCN_IP_03_IP_Interface_Router.pdf). Installing the most recent firmware remediates the issue. Instructions for the firmware update and the `.hex` file are provided on [MDT's website](https://www.mdt.de/produkte/produktdetail.html?tx_mdtproducts_detail%5Baction%5D=detail&tx_mdtproducts_detail%5Bcontroller%5D=Productseries&tx_mdtproducts_detail%5Bseries%5D=61&cHash=b5790b112aaa7ae5fe450726ea614983).
The vulnerability was fixed in firmware v3.0.4, as documented by the [change log](https://www.mdt.de/download/MDT_CL_SCN_IP_03_IP_Interface_Router.pdf) for the MDT firmware. Installing the most recent firmware remediates the issue. Instructions for the firmware update and the `.hex` file are provided on [MDT's website](https://www.mdt.de/produkte/produktdetail.html?tx_mdtproducts_detail%5Baction%5D=detail&tx_mdtproducts_detail%5Bcontroller%5D=Productseries&tx_mdtproducts_detail%5Bseries%5D=61&cHash=b5790b112aaa7ae5fe450726ea614983).

## Coordinated Vulnerability Disclosure

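Review bot: the qualifier added to the Remediation sentence, "as documented by the change log for the MDT firmware", is redundant, since the sentence already links MDT's change log and the fix is attributed to MDT's website two sentences later; if the intent is to make clear which firmware v3.0.4 refers to, naming the affected devices is more useful, e.g. "The vulnerability was fixed in firmware v3.0.4 of the SCN-IP100.03 and SCN-IP000.03, as documented by the change log." Note also that the commit summary reports 3 additions but only two added lines are visible across both hunks in this rendering, so the third (likely whitespace) should be checked for being intentional.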