CVE-2023-31465 PoC — FSMLabs TimeKeeper 安全漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-31465.yaml

Associated Vulnerability

Title:FSMLabs TimeKeeper 安全漏洞 (CVE-2023-31465)
Description:FSMLabs TimeKeeper是FSMLabs公司的一个提供企业级时间分配、时钟同步和监控的平台。 FSMLabs TimeKeeper 8.0.17 到 8.0.28版本存在安全漏洞，该漏洞源于通过拦截来自各种计时器流的请求，可以找到 getsamplebacklog 调用，导致服务器执行 Bash 代码。

Description

An issue was discovered in FSMLabs TimeKeeper 8.0.17 through 8.0.28. By intercepting requests from various timekeeper streams, it is possible to find the getsamplebacklog call. Some query parameters are passed directly in the URL and named arg[x], with x an integer starting from 1; it is possible to modify arg[2] to insert Bash code that will be executed directly by the server.

File Snapshot


 id: CVE-2023-31465

info:
  name: TimeKeeper by FSMLabs - Remote Code Execution
  author: ritikchadd

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!