CVE-2023-27532 PoC — Veeam Backup & Replication 访问控制错误漏洞

Source

https://github.com/puckiestyle/CVE-2023-27532-RCE-Only

Associated Vulnerability

Title:Veeam Backup & Replication 访问控制错误漏洞 (CVE-2023-27532)
Description:Veeam Backup & Replication是美国Veeam公司的一个备份和复制软件。 Veeam Backup & Replication存在安全漏洞，该漏洞源于允许获取配置数据库中存储的加密凭据，攻击者利用该漏洞可以获得备份基础结构主机的访问权限。

File Snapshot


 [4.0K]  /data/pocs/4069cd6f720a3c4a8fbee93e2b983c13e01160fb
├── [ 178]  App.config
├── [1.8K]  macro_puck_create.py
├── [ 18K]  macro_puck.docm
├── [2.8K]  Program.cs
├── [4.0K]  Properties
│   ├── [3.5K]  app.manifest
│   └── [1.3K]  AssemblyInfo.cs
├── [789K]  rcat_192.168.1.41_443.exe
├── [1.3K]  Readme.md
├── [1.8M]  Veeam.Backup.Common.dll
├── [420K]  Veeam.Backup.Interaction.MountService.dll
├── [4.2M]  Veeam.Backup.Model.dll
├── [ 45K]  VeeamHax1.png
├── [ 12K]  VeeamHax2.png
├── [ 15K]  VeeamHax3.png
├── [5.3K]  VeeamHax.csproj
├── [7.0K]  VeeamHax.exe
├── [1.1K]  VeeamHax.sln
└── [1.7K]  VeeamHax_TemporaryKey.pfx

1 directory, 18 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2023-27532 PoC — Veeam Backup & Replication 访问控制错误漏洞

Source

Associated Vulnerability

File Snapshot

Remarks