CVE-2023-46818 PoC — ISPConfig 安全漏洞

Source

https://github.com/bipbopbup/CVE-2023-46818-python-exploit

Associated Vulnerability

Title:ISPConfig 安全漏洞 (CVE-2023-46818)
Description:ISPConfig是一套基于Linux的开源主机控制面板，它可通过Web控制面板管理多台服务器、开设网站、监控服务器运行状况等。 ISPConfig 3.2.11p1 之前版本存在安全漏洞，该漏洞源于如果启用了 admin_allow_langedit，管理员可以在语言文件编辑器中实现 PHP 代码注入。

Description

CVE-2023-46818 IPSConfig Python exploit

Readme

# CVE-2023-46818 exploit

This is a python version of the original php script for the vulnerability affecting ispconfig 3.2.11 and previous versions.

Original PHP source: https://packetstormsecurity.com/files/176126/ISPConfig-3.2.11-PHP-Code-Injection.html

This proof-of-concept is intended for educational purposes only.

## Usage

```
python exploit.py http://10.10.10.10/ adminuser passwd
```
## Vulnerability description

User input passed through the "records" POST parameter to
/admin/language_edit.php is not properly sanitized before being used
to dynamically generate PHP code that will be executed by the
application. This can be exploited by malicious administrator users to
inject and execute arbitrary PHP code on the web server.

## Credits

Credits to Egidio Romano.

File Snapshot


 [4.0K]  /data/pocs/104d4c48a504b088bedf97bfeea2d99f9c647da2
├── [4.0K]  exploit.py
└── [ 784]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!