CVE-2023-22855 PoC — Kardex Control Center 代码注入漏洞

Source

Associated Vulnerability

Description

Security Vulnerability - Kardex Mlog MCC

Readme

# CVE-2023-22855

This vulnerability was discovered and disclosed by Patrick Hener and myself. This repository will hold the advisory and the link to the exploit.

This repository is only for educational purposes.

# Links

- Vendor Website: [https://www.kardex.com/en/mlog-control-center](https://www.kardex.com/en/mlog-control-center)
- Exploit on Exploit-DB: [https://www.exploit-db.com/exploits/51239](https://www.exploit-db.com/exploits/51239)
- Exploit on Patrick Hener's Github [https://github.com/patrickhener/CVE-2023-22855/tree/main/exploit](https://github.com/patrickhener/CVE-2023-22855/tree/main/exploit)
- Blog Post Advisory: [https://hesec.de/posts/CVE-2023-22855](https://hesec.de/posts/cve-2023-22855)
- Blog Post Thinking Objects: [https://to.com/blog/advisory-kardex-mlog-CVE-2023-22855](https://to.com/blog/advisory-kardex-mlog-CVE-2023-22855)
- Mitre: [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22855](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22855)
- NVD Entry: [https://nvd.nist.gov/vuln/detail/CVE-2023-22855](https://nvd.nist.gov/vuln/detail/CVE-2023-22855)

File Snapshot

 [4.0K]  /data/pocs/432154c5b4e5d35efd7598cfa1de35dec1bdc20c
├── [6.0K]  advisory.md
└── [1.1K]  README.md

0 directories, 2 files

Remarks