CVE-2023-34965 PoC — SSPanel UIM 安全漏洞

Source

https://github.com/AgentY0/CVE-2023-34965

Associated Vulnerability

Title:SSPanel UIM 安全漏洞 (CVE-2023-34965)
Description:SSPanel UIM是Anankke个人开发者的一款专为 Shadowsocks / V2Ray / Trojan 协议设计的多用途代理服务销售管理系统。 SSPanel UIM 2023.3版本存在安全漏洞，该漏洞源于没有限制访问接口，从而导致用户信息泄露。

Description

SSPanel UIM is a multi-purpose agency service sales management system specially designed for Shadowsocks / V2Ray / Trojan protocols. SSPanel-Uim version before 2023.3 does not restrict access to the /link/ interface,which can lead to a leak of user subscription information.

Readme

# CVE-2023-34965
SSPanel UIM is a multi-purpose agency service sales management system specially designed for Shadowsocks / V2Ray / Trojan protocols. SSPanel-Uim version before 2023.3 does not restrict access to the /link/ interface,which can lead to a leak of user subscription information.

#Detail in：https://github.com/AgentY0/CVE-2023-34965/blob/main/CVE-2023-34965.pdf

File Snapshot


 [4.0K]  /data/pocs/3d56e970160774e33a035de680f40d65577f9782
├── [3.4M]  CVE-2023-34965.pdf
└── [ 377]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!