cve/2023/CVE-2023-34039.md

### [CVE-2023-34039](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34039)
![](https://img.shields.io/static/v1?label=Product&message=Aria%20Operations%20for%20Networks&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20Aria%20Operations%20for%20Networks%206.x%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Authentication%20Bypass%20Vulnerability&color=brighgreen)

### Description

Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptographic key generation. A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI.

### POC

#### Reference
- http://packetstormsecurity.com/files/174452/VMWare-Aria-Operations-For-Networks-Remote-Code-Execution.html
- http://packetstormsecurity.com/files/175320/VMWare-Aria-Operations-For-Networks-SSH-Private-Key-Exposure.html

#### Github
- https://github.com/20142995/sectool
- https://github.com/CharonDefalt/CVE-2023-34039
- https://github.com/Cyb3rEnthusiast/CVE-2023-34039
- https://github.com/ZonghaoLi777/githubTrending
- https://github.com/adminxb/CVE-2023-34039
- https://github.com/aneasystone/github-trending
- https://github.com/devmehedi101/bugbounty-CVE-Report
- https://github.com/getdrive/PoC
- https://github.com/johe123qwe/github-trending
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/securi3ytalent/bugbounty-CVE-Report
- https://github.com/sinsinology/CVE-2023-34039
- https://github.com/syedhafiz1234/CVE-2023-34039
-												Update Sat May 25 21:48:12 CEST 2024

											
										
										
											2024-05-25 21:48:12 +02:00
+								### [CVE-2023-34039](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34039)
 								![](https://img.shields.io/static/v1?label=Product&message=Aria%20Operations%20for%20Networks&color=blue)
 								![](https://img.shields.io/static/v1?label=Version&message=%3D%20Aria%20Operations%20for%20Networks%206.x%20&color=brighgreen)
 								![](https://img.shields.io/static/v1?label=Vulnerability&message=Authentication%20Bypass%20Vulnerability&color=brighgreen)
 								### Description
 								Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptographic key generation. A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI.
 								### POC
 								#### Reference
 								- http://packetstormsecurity.com/files/174452/VMWare-Aria-Operations-For-Networks-Remote-Code-Execution.html
 								- http://packetstormsecurity.com/files/175320/VMWare-Aria-Operations-For-Networks-SSH-Private-Key-Exposure.html
 								#### Github
 								- https://github.com/20142995/sectool
 								- https://github.com/CharonDefalt/CVE-2023-34039
 								- https://github.com/Cyb3rEnthusiast/CVE-2023-34039
 								- https://github.com/ZonghaoLi777/githubTrending
 								- https://github.com/adminxb/CVE-2023-34039
 								- https://github.com/aneasystone/github-trending
 								- https://github.com/devmehedi101/bugbounty-CVE-Report
 								- https://github.com/getdrive/PoC
 								- https://github.com/johe123qwe/github-trending
 								- https://github.com/nomi-sec/PoC-in-GitHub
 								- https://github.com/securi3ytalent/bugbounty-CVE-Report
 								- https://github.com/sinsinology/CVE-2023-34039
 								- https://github.com/syedhafiz1234/CVE-2023-34039