CVE-2022-40140 PoC — Trend Micro Apex One 访问控制错误漏洞

Source

https://github.com/ZephrFish/NotProxyShellScanner

Associated Vulnerability

Title:Trend Micro Apex One 访问控制错误漏洞 (CVE-2022-40140)
Description:Trend Micro Apex One是美国趋势科技（Trend Micro）公司的一款终端防护软件。 Trend Micro Apex One 2020（On-prem） SaaS版本存在安全漏洞，该漏洞源于能够登录安装受影响产品的系统的攻击者可能能够导致拒绝服务。

Description

Python implementation for NotProxyShell aka CVE-2022-40140 & CVE-2022-41082

Readme

# NotProxyShellScanner
Python implementation for NotProxyShell aka CVE-2022-40140 & CVE-2022-41082.

## Setup 
Install the requirements all that's required is python3 requests.

```
pip3 install -r requirements.txt
```

## Running
There are a few options when it comes to running the tooling:
```
usage: NotProxyShell.py [-h] [-u TARGETHOST] [-f TARGETHOSTFILE] [-e EMAIL] [-d TARGETDOMAIN]

optional arguments:
  -h, --help            show this help message and exit
  -u TARGETHOST, --targethost TARGETHOST
                        Single Target host e.g zsec.uk
  -f TARGETHOSTFILE, --targethostfile TARGETHOSTFILE
                        File with targets, one per line
  -e EMAIL, --email EMAIL
                        Known email of org
  -d TARGETDOMAIN, --targetdomain TARGETDOMAIN
                        Known domain of the target org
```

File Snapshot


 [4.0K]  /data/pocs/a9c7bb331ede2f7c298fb0acfe221d01621714df
├── [3.2K]  NotProxyShell.py
├── [ 847]  README.md
└── [  17]  requirements.txt

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!