CVE-2023-23333 PoC — Contec SolarView Compact 命令注入漏洞

Source

https://github.com/emanueldosreis/nmap-CVE-2023-23333-exploit

Associated Vulnerability

Title:Contec SolarView Compact 命令注入漏洞 (CVE-2023-23333)
Description:Contec SolarView Compact是日本Contec公司的一个应用系统。提供光伏发电测量系统。 Contec SolarView Compact 6.00版本及之前版本存在安全漏洞。攻击者利用该漏洞通过downloader.php绕过内部限制来执行命令。

Description

Nmap NSE script to dump / test Solarwinds CVE-2023-23333 vulnerability

Readme

# nmap-CVE-2023-23333-exploit
Nmap NSE script to dump /etc/passwd from remote system using Solarwinds CVE-2023-23333 vulnerability

Save the script into a file named solar-CVE-2023-23333.nse. To run the script, you can use Nmap's --script-args option to provide the output file path:

nmap -p <port> <target> --script solar-CVE-2023-23333.nse --script-args outputfile=/path/to/output.txt

CISA KEV - https://nvd.nist.gov/vuln/detail/CVE-2022-29303

File Snapshot


 [4.0K]  /data/pocs/aad7e5acfba9568ec5d9e4da608fb8d64cc908fe
├── [ 448]  README.md
└── [1.8K]  solarView.nse

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!