CVE-2023-31446 PoC — Cassia Networks Gateway 安全漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-31446.yaml

Associated Vulnerability

Title:Cassia Networks Gateway 安全漏洞 (CVE-2023-31446)
Description:Cassia Networks Gateway是Cassia Networks公司的一个物联网网关。 Cassia Networks Gateway XC1000_2.1.1.2303082218版本、XC2000_2.1.1.2303090947版本存在安全漏洞，该漏洞源于/bypass/config中的queueUrl参数未清理。

Description

In Cassia Gateway firmware XC1000_2.1.1.2303082218 and XC2000_2.1.1.2303090947, the queueUrl parameter in /bypass/config is not sanitized. This leads to injecting Bash code and executing it with root privileges on device startup.

File Snapshot


 id: CVE-2023-31446

info:
  name: Cassia Gateway Firmware - Remote Code Execution
  author: Dhiyanes

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!