CVE-2023-50094 PoC — Rengine 安全漏洞

Source

Associated Vulnerability

Description

poc for CVE-2023-50094 (rengine command injection)

Readme

# reNgine 2.2.0 - Command Injection - CVE-2023-50094 

## Description

This Python script exploits an authenticated command injection vulnerability in reNgine 2.2.0. The exploit targets the `nmap_cmd` parameter in the Scan Engine configuration, allowing attackers to execute arbitrary commands.

## Features

- User-friendly command-line interface (CLI)
- Flexible input for base URL, credentials, and Scan Engine ID
- Automates exploitation for authenticated users

## Exploit Details

- **CVE ID**: TBD
- **Affected Version**: reNgine v2.2.0
- **Tested On**: macOS
- **Author on exploit-db**: Caner Tercan
- **Author of the POC**: Ziad (me)
- **Vendor URL**: [https://rengine.wiki/](https://rengine.wiki/)
- **Software Link**: [https://github.com/yogeshojha/rengine](https://github.com/yogeshojha/rengine)

## Prerequisites

1. A running instance of reNgine (v2.2.0).
2. Valid user credentials with access to the Scan Engine configuration.
3. Python 3.x with the `requests` library installed.

## Installation

1. Clone the repository:

   ```bash
   git clone https://github.com/example/rengine-exploit.git
   cd rengine-exploit
   pip install requests
   ```

2. Running the script:
   ```
   python poc.py --url http://rengine.target.com --username admin --password securepassword123 --engine-id 2
   ```

File Snapshot

 [4.0K]  /data/pocs/2ac9e893ee7146cd37279df4954378688c98a33a
├── [2.3K]  poc.py
└── [1.3K]  README.md

0 directories, 2 files

Remarks