CVE-2022-25369 PoC — DynamicWeb 安全漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-25369.yaml

Associated Vulnerability

Title:DynamicWeb 安全漏洞 (CVE-2022-25369)
Description:DynamicWeb是美国DynamicWeb公司的一个全栈式数字体验平台。 Dynamicweb 9.12.8之前版本存在安全漏洞，该漏洞源于逻辑问题导致可添加新管理员用户，可能导致命令执行。

Description

Dynamicweb contains a vulnerability which allows an unauthenticated attacker to create a new administrative user.

File Snapshot


 id: CVE-2022-25369

info:
  name: Dynamicweb 9.5.0 - 9.12.7 Unauthenticated Admin User Creation
  au

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!