cve/CVE-2023-45852.md at main

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

754 B

Raw Permalink Blame History

CVE-2023-45852

Description

In Vitogate 300 2.1.3.0, /cgi-bin/vitogate.cgi allows an unauthenticated attacker to bypass authentication and execute arbitrary commands via shell metacharacters in the ipaddr params JSON data for the put method.

POC

Reference

https://github.com/Push3AX/vul/blob/main/viessmann/Vitogate300_RCE.md

Github

https://github.com/komodoooo/Some-things
https://github.com/tanjiti/sec_profile

754 B Raw Permalink Blame History

CVE-2023-45852

Description

POC

Reference

Github

754 B

Raw Permalink Blame History