cve/2023/CVE-2023-36899.md

### [CVE-2023-36899](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36899)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%202.0%20Service%20Pack%202&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.6.2%2F4.7%2F4.7.1%2F4.7.2&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.7.2&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.8&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.8.1&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20and%204.6.2&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%204.6.2%2F4.7%2F4.7.1%2F4.7.2&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%204.6.2&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%204.8&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=2.0.0%3C%202.0.50727.8974%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=3.0.0.0%3C%2010.0.14393.6167%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=4.7.0%3C%2010.0.10240.20107%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=4.7.0%3C%204.7.04057.05%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=4.7.0%3C%204.7.4057.05%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=4.8.0%3C%204.8.04654.06%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=4.8.0%3C%204.8.4654.06%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Version&message=4.8.1%3C%204.8.09176.01%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen)

### Description

ASP.NET Elevation of Privilege Vulnerability

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/20142995/sectool
- https://github.com/d0rb/CVE-2023-36899
- https://github.com/hktalent/bug-bounty
- https://github.com/midisec/CVE-2023-36899
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/riramar/Web-Attack-Cheat-Sheet
- https://github.com/w181496/Web-CTF-Cheatsheet
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2023-36899](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36899)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%202.0%20Service%20Pack%202&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.6.2%2F4.7%2F4.7.1%2F4.7.2&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.7.2&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.8&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20AND%204.8.1&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%203.5%20and%204.6.2&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%204.6.2%2F4.7%2F4.7.1%2F4.7.2&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%204.6.2&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20.NET%20Framework%204.8&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=2.0.0%3C%202.0.50727.8974%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=3.0.0.0%3C%2010.0.14393.6167%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=4.7.0%3C%2010.0.10240.20107%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=4.7.0%3C%204.7.04057.05%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=4.7.0%3C%204.7.4057.05%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=4.8.0%3C%204.8.04654.06%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=4.8.0%3C%204.8.4654.06%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=4.8.1%3C%204.8.09176.01%20&color=brighgreen)`
Update CVE sources 2024-06-07 04:52 2024-06-07 04:52:01 +00:00			`![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-20%3A%20Improper%20Input%20Validation&color=brighgreen)`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00
			`### Description`

			`ASP.NET Elevation of Privilege Vulnerability`

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/20142995/sectool`
			`- https://github.com/d0rb/CVE-2023-36899`
			`- https://github.com/hktalent/bug-bounty`
			`- https://github.com/midisec/CVE-2023-36899`
			`- https://github.com/nomi-sec/PoC-in-GitHub`
Update CVE sources 2024-06-07 04:52 2024-06-07 04:52:01 +00:00			`- https://github.com/riramar/Web-Attack-Cheat-Sheet`
Update CVE sources 2024-05-28 08:49 2024-05-28 08:49:17 +00:00			`- https://github.com/w181496/Web-CTF-Cheatsheet`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00