CVE-2022-23102 PoC — Siemens SINEMA Remote Connect Server 输入验证错误漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-23102.yaml

Associated Vulnerability

Title:Siemens SINEMA Remote Connect Server 输入验证错误漏洞 (CVE-2022-23102)
Description:Siemens SINEMA Remote Connect Server是德国西门子（Siemens）公司的一套远程网络管理平台。该平台主要用于远程访问、维护、控制和诊断底层网络。 Siemens SINEMA Remote Connect Server（所有版本 < V2.0）中存在输入验证错误漏洞，攻击者可以通过导致网络钓鱼攻击来诱骗设备上经过身份验证的有效用户单击其中的恶意链接。

Description

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0). Affected products contain an open redirect vulnerability. An attacker could trick a valid authenticated user to the device into clicking a malicious link there by leading to phishing attacks.

File Snapshot


 id: CVE-2022-23102

info:
  name: SINEMA Remote Connect Server < V2.0 - Open Redirect
  author: ctfl

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!