CVE-2023-30258

EPSS 93.68% · P100 Updated Aug 29, 2025

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2023-30258

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary commands via unauthenticated HTTP request.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

MagnusBilling 操作系统命令注入漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

MagnusBilling是MagnusSolution开源的一种快速、安全、高效、高可用性的 VOIP 计费。 MagnusSolution MagnusBilling 6.x 、 7.x版本存在操作系统命令注入漏洞，该漏洞源于允许远程攻击者通过未经身份验证的 HTTP 请求运行任意命令。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2023-30258

#	POC Description	Source Link	Shenlong Link
1	None	https://github.com/gy741/CVE-2023-30258-setup	POC Details
2	None	https://github.com/sk00l/CVE-2023-30258	POC Details
3	None	https://github.com/tinashelorenzi/CVE-2023-30258-magnus-billing-v7-exploit	POC Details
4	Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary commands via unauthenticated HTTP request.	https://github.com/Chocapikk/CVE-2023-30258	POC Details
5	POC for CVE-2023-30258-RCE by n0o0b	https://github.com/n00o00b/CVE-2023-30258-RCE-POC	POC Details
6	Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary commands via unauthenticated HTTP request.	https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-30258.yaml	POC Details
7	A detailed walkthrough of TryHackMe's Billing room exploiting CVE-2023-30258 and escalating via fail2ban misconfig	https://github.com/AdityaBhatt3010/TryHackMe-Room-Walkthrough-Billing	POC Details
8	There are Exploit for Magnus Billing v7 system get root privilages	https://github.com/abdullohqurbon0v/CVE-2023-30258-Exploit-For-Magnus-Billing-System	POC Details
9	Billing CTF Machine_CVE-2023-30258_Remote Code Execution	https://github.com/CankunWang/Tryhackme_Billing	POC Details
10	RCE vuln in magnus billing php resource	https://github.com/kayl22/magnus_billing_7.3.0_RCE_CVE-2023-30258	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2023-30258

请登录查看更多情报信息。

Same Patch Batch · n/a · 2023-06-23 · 28 CVEs total

CVE-2023-36284		Webkil QloApps SQL注入漏洞
CVE-2023-27908		Autodesk Installer 代码问题漏洞
CVE-2023-34188		Cesanta Mongoose 安全漏洞
CVE-2023-34203		Progress OpenEdge 注入漏洞
CVE-2023-35759		Progress Software WhatsUp Gold 跨站脚本漏洞
CVE-2023-36345		POS Codekop 跨站脚本漏洞
CVE-2023-36346		POS Codekop 跨站脚本漏洞
CVE-2023-36348		POS Codekop 安全漏洞
CVE-2023-3212		Linux kernel 代码问题漏洞
CVE-2023-34671		Elenos ETG150 安全漏洞
CVE-2023-3317		Linux kernel 资源管理错误漏洞
CVE-2023-25003		Autodesk AutoCAD 缓冲区错误漏洞
CVE-2023-34672		Elenos ETG150 FM transmitter 安全漏洞
CVE-2023-34673		Elenos ETG150 安全漏洞
CVE-2023-36193		Gifsicle 缓冲区错误漏洞
CVE-2023-36287		Webkul QloApps 跨站脚本漏洞
CVE-2023-36271		GNU LibreDWG 缓冲区错误漏洞
CVE-2023-36272		LibreDWG 缓冲区错误漏洞
CVE-2023-36273		GNU LibreDWG 缓冲区错误漏洞
CVE-2023-36274		GNU LibreDWG 缓冲区错误漏洞

Showing top 20 of 28 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2023-30258

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2023-30258

I. Basic Information for CVE-2023-30258

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Shenlong Deep Dive — AI Deep Analysis

Affected Products

II. Public POCs for CVE-2023-30258

III. Intelligence Information for CVE-2023-30258

Same Patch Batch · n/a · 2023-06-23 · 28 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2023-30258

Leave a comment