CVE-2023-30459 PoC — Motorola SmartPTT SCADA 安全漏洞

Source

https://github.com/Toxich4/CVE-2023-30459

Associated Vulnerability

Title:Motorola SmartPTT SCADA 安全漏洞 (CVE-2023-30459)
Description:Motorola SmartPTT SCADA是美国摩托罗拉（Motorola）公司的一个集成的语音和数据调度软件应用程序。 Motorola SmartPTT SCADA 1.1.0.0版本存在安全漏洞。攻击者利用该漏洞通过编写恶意C#脚本并在服务器上执行代码。

Description

CVE-2023-30459

Readme

# CVE-2023-30459
SmartPTT SCADA 1.1.0.0 allows remote code execution (when the attacker has administrator privileges)
by writing a malicious C# script and executing it on the server
(via server settings in the administrator control panel on port 8101, by default).

How to use:
> python CVE-2023-30459.py -t 127.0.0.1 -p elcomplus -cmd "shutdown /s /t 30"

PoC:
![Image alt](https://github.com/Toxich4/CVE-2023-30459/blob/main/PoC.gif)

File Snapshot


 [4.0K]  /data/pocs/be77e0998469731f7e57c4b743321d3e5eb2f62d
├── [4.2K]  CVE-2023-30459.py
├── [3.2M]  PoC.gif
└── [ 436]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!