CVE-2023-2523 — AI Deep Analysis Summary

🚨 **Essence**: Unrestricted file upload in Weaver E-Office. 💥 **Consequences**: Attackers can upload malicious files (e.g., Webshells), leading to **Remote Code Execution (RCE)** and full server compromise.

🛡️ **Root Cause**: **CWE-434** (Unrestricted Upload of File with Dangerous Type). 🐛 **Flaw**: The endpoint `/E-mobile/App/Ajax/ajax.php?…

🏢 **Vendor**: Weaver (泛微科技). 📦 **Product**: E-Office. 📅 **Affected Version**: **v9.5**. ⚠️ Check if your system matches this specific version.

🔓 **Privileges**: System-level access via uploaded scripts. 📂 **Data**: Full read/write access to server files. 🧠 **Impact**: Hackers can execute arbitrary commands, steal data, or pivot to internal networks.

📉 **Threshold**: **LOW**. 🌐 **Network**: Network Accessible (AV:N). 🔑 **Auth**: None required (PR:N). 🖱️ **UI**: None required (UI:N). 🚀 **Ease**: Exploitable with simple HTTP POST requests.

🔥 **Public Exp**: **YES**. Multiple PoCs exist on GitHub (e.g., `bingtangbanli`, `werwolfz`). 📝 **Method**: Scripts automatically upload `phpinfo.php` to verify vulnerability. Wild exploitation is highly likely.

🔍 **Self-Check**: Send a POST request to `/E-mobile/App/Ajax/ajax.php?action=mobile_upload_save` with a test file.…

🛠️ **Official Patch**: Data does not explicitly list a vendor patch link. 📢 **Action**: Check official Weaver security announcements immediately. If no patch, treat as critical unpatched vulnerability.

🚧 **Workaround**: Block external access to `/E-mobile/App/Ajax/` via WAF or Firewall. 🚫 **Restrict**: Disable file upload functionality if not needed. 🛑 **Isolate**: Segment the network to prevent lateral movement.

🔴 **Priority**: **CRITICAL**. 🚨 **Urgency**: High. CVSS Score indicates Low Complexity, No Auth, and High Impact. ⚡ **Advice**: Patch or mitigate immediately. This is a high-risk RCE vector actively exploited.