# CVE-2023-46480

OwnCast SSRF
Description
>An issue in OwnCast v.0.1.1 allows a remote attacker to execute arbitrary code and obtain sensitive information via the authHost parameter of the indieauth function.
POC
> 1. Browse the main page
> 2. Click name > Authenticate
> 3. Fill in an arbitrary host and click the checkmark
> 4. Observe the result with response error and timing
Vulnerability Type
> Incorrect Access Control
Vendor of Product
> OwnCast
Affected Product Code Base
> OwnCast - 0.1.1
Affected Component
> authHost parameter of the indieauth function
Attack Type
> Remote
Attack Vectors
> An unauthenticated user can force the server to access localhost, internal network host, and external hosts and resources.
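The attack vector above is a classic SSRF shape: a user-controlled host name is handed to the server's own HTTP client, which then reaches loopback, RFC 1918 and link-local addresses that the user could never reach directly. The following Go snippet is an added example, not OwnCast's code and not the fix the project shipped: it shows the kind of host validation a server should run before opening any outbound connection to a user-supplied `host[:port]` value. The `DemoResolve` stub and the `.example` host names are constructed for offline use; a real deployment would pass `net.LookupIP`.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"strings"
)

// Resolver abstracts DNS lookup so the check can be exercised offline.
type Resolver func(host string) ([]net.IP, error)

// ErrDisallowedHost is the single error returned for every rejected host.
// Returning one uniform error (and rejecting before any connection is made)
// avoids the error-message and timing differences the advisory relies on.
var ErrDisallowedHost = errors.New("host not allowed")

// isInternalIP reports whether ip falls in a range an SSRF check must block.
// The net.IP helpers unwrap IPv4-mapped IPv6 addresses (::ffff:a.b.c.d) themselves.
func isInternalIP(ip net.IP) bool {
	if ip.IsLoopback() || ip.IsUnspecified() || ip.IsMulticast() ||
		ip.IsLinkLocalUnicast() || ip.IsLinkLocalMulticast() || ip.IsPrivate() {
		return true
	}
	// Carrier-grade NAT space (100.64.0.0/10) is not covered by IsPrivate.
	_, cgnat, _ := net.ParseCIDR("100.64.0.0/10")
	return cgnat.Contains(ip)
}

// ValidateOutboundHost checks a user-supplied "host[:port]" value before the
// server contacts it. Every address the name resolves to must be public;
// a name that maps to one public and one internal address is rejected too.
func ValidateOutboundHost(raw string, resolve Resolver) error {
	host := strings.TrimSpace(raw)
	if h, _, err := net.SplitHostPort(host); err == nil {
		host = h // drop the port
	}
	host = strings.Trim(host, "[]") // bare "[::1]" form without a port
	if host == "" {
		return ErrDisallowedHost
	}
	lower := strings.ToLower(host)
	if lower == "localhost" || strings.HasSuffix(lower, ".localhost") {
		return ErrDisallowedHost
	}

	var ips []net.IP
	if ip := net.ParseIP(host); ip != nil {
		ips = []net.IP{ip} // IP literal: no DNS involved
	} else {
		resolved, err := resolve(host)
		if err != nil || len(resolved) == 0 {
			return ErrDisallowedHost
		}
		ips = resolved
	}
	for _, ip := range ips {
		if isInternalIP(ip) {
			return ErrDisallowedHost
		}
	}
	return nil
}

// DemoResolve is a constructed stand-in for net.LookupIP so the example runs
// offline. "rebind.example" models a name that mixes public and internal records.
func DemoResolve(host string) ([]net.IP, error) {
	switch host {
	case "public.example":
		return []net.IP{net.ParseIP("93.184.216.34")}, nil
	case "rebind.example":
		return []net.IP{net.ParseIP("93.184.216.34"), net.ParseIP("10.0.0.5")}, nil
	}
	return nil, errors.New("no such host")
}

func main() {
	for _, h := range []string{
		"public.example", "127.0.0.1:8080", "localhost", "[::1]:443",
		"::ffff:127.0.0.1", "169.254.169.254", "100.64.1.1", "rebind.example",
	} {
		fmt.Printf("%-20s -> %v\n", h, ValidateOutboundHost(h, DemoResolve))
	}
}
```

Two caveats a practitioner should keep in mind. First, validating a name and then letting the HTTP client resolve it again at connect time leaves a DNS-rebinding window; the robust form pins the validated IP by dialing it directly (for example from a custom `DialContext`) rather than re-resolving. Second, the check must also be applied to every hop of an HTTP redirect, since a public host can redirect the client to an internal address.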
Reference
> https://owncast.online/
>
> https://github.com/owncast/owncast
Discoverer
> Shahzaib Ali Khan