CVE-2023-24078 PoC — Real Time Logic FuguHub 代码注入漏洞

Source

https://github.com/ag-rodriguez/CVE-2023-24078

Associated Vulnerability

Title:Real Time Logic FuguHub 代码注入漏洞 (CVE-2023-24078)
Description:Real Time Logic FuguHub是Real Time Logic公司的一款使用 Barracuda Application Server SDK 开发的消费产品。 Real Time Logic FuguHub v8.1及之前版本存在安全漏洞，该漏洞源于操作远程代码执行(RCE)漏洞。

Readme

# Description

This script is a Proof of Concept (PoC) exploit I developed for [CVE-2023-24078](https://nvd.nist.gov/vuln/detail/CVE-2023-24078). After trying the publicly available PoCs that were not functional and facing frustration in trying to troubleshoot them, I just created my own script.

# Usage
```
usage: python3 CVE-2023-24078.py [-h] -lh LHOST -lp LPORT -th RHOST -tp RPORT 

A PoC script for exploiting CVE-2023-24078.

Required arguments:
  -lh LHOST, --lhost LHOST      Listening Host
  -lp LPORT, --lport LPORT      Listening Port
  -th RHOST, --rhost RHOST      Target Host IP
  -tp RPORT, --rport RPORT      Port of the target 

```
<img src="/exploit.png" width="1200px">

File Snapshot


 [4.0K]  /data/pocs/02f67c9c43d03aed09e44009a5afdb10cd9fbcc3
├── [5.2K]  CVE-2023-24078.py
├── [ 19K]  exploit.png
└── [ 693]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!