admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-05-29 09:41:13 +00:00
Code Issues Packages Projects Releases Wiki Activity
GobyVuls/CVE-2023-38203.md

13 lines
1.1 KiB
Markdown
Raw Normal View History

Create CVE-2023-38203.md add CVE-2023-38203
2023-07-24 18:39:19 +08:00
## Adobe Coldfusion remote code execution vulnerability (CVE-2023-38203)
| **Vulnerability** | **Adobe Coldfusion remote code execution vulnerability (CVE-2023-38203)** |
| :----: | :-----|
| **Chinese name** | Adobe ColdFusion 远程代码执行漏洞CVE-2023-38203 |
| **CVSS core** | 9.8 |
| **FOFA Query** (click to view the results directly)| [(body="crossdomain.xml" && body="CFIDE") \|\| (body="#000808" && body="#e7e7e7")](https://en.fofa.info/result?qbase64=IChib2R5PSJjcm9zc2RvbWFpbi54bWwiICYmIGJvZHk9IkNGSURFIikgfHwgKGJvZHk9IiMwMDA4MDgiICYmIGJvZHk9IiNlN2U3ZTciKQ%3D%3D) |
| **Number of assets affected** | 3740 |
| **Description** | Adobe Coldfusion is a commercial application server developed by Adobe for web applications.The attacker can send unbelievable serialized data and trigger derivativeization to the Coldfusion server, thereby executing any code. |
| **Impact** | The attacker can execute the code at the server through this vulnerability, obtain the server permissions, and then control the entire web server. |
![](https://s3.bmp.ovh/imgs/2023/07/24/514d4dd7f7e3b52c.gif)
Reference in New Issue Copy Permalink