CVE-2023-25157 PoC — Unfiltered SQL Injection Vulnerabilities in Geoserver

Source
Associated Vulnerability
Title: Unfiltered SQL Injection Vulnerabilities in Geoserver (CVE-2023-25157)
Description: GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language (CQL) as part of the Web Feature Service (WFS) and Web Map Service (WMS) protocols. CQL is also supported through the Web Coverage Service (WCS) protocol for ImageMosaic coverages. Users are advised to upgrade to either version 2.21.4, or version 2.22.2 to resolve this issue. Users unable to upgrade should disable the PostGIS Datastore *encode functions* setting to mitigate ``strEndsWith``, ``strStartsWith`` and ``PropertyIsLike`` misuse and enable the PostGIS DataStore *preparedStatements* setting to mitigate the ``FeatureId`` misuse.
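The workaround in the description above can be checked against a store's configuration. The following Go sketch is an added example, not code from the checker repository or from GeoServer; it assumes the store is saved as a `datastore.xml` with `connectionParameters` entries keyed `dbtype`, `encode functions` and `preparedStatements`, and the sample document is constructed.

```go
package main

import (
	"encoding/xml"
	"fmt"
	"strings"
)

// Constructed sample of a datastore.xml (assumed layout, invented values).
const sampleDatastore = `<dataStore><name>parcels</name><connectionParameters>
  <entry key="dbtype">postgis</entry>
  <entry key="encode functions">true</entry>
</connectionParameters></dataStore>`

type dataStore struct {
	Name    string `xml:"name"`
	Entries []struct {
		Key   string `xml:"key,attr"`
		Value string `xml:",chardata"`
	} `xml:"connectionParameters>entry"`
}

// AuditDatastore returns one finding per mitigation setting that is not in the
// state the advisory text asks for; no findings means both are applied.
func AuditDatastore(doc string) ([]string, error) {
	var ds dataStore
	if err := xml.Unmarshal([]byte(doc), &ds); err != nil {
		return nil, err
	}
	params := map[string]string{}
	for _, e := range ds.Entries {
		params[strings.TrimSpace(e.Key)] = strings.ToLower(strings.TrimSpace(e.Value))
	}
	if params["dbtype"] != "postgis" {
		return nil, nil // the workaround is stated for PostGIS datastores only
	}
	var findings []string
	// Each pair is a setting and the value the advisory recommends.
	for _, w := range [][2]string{{"encode functions", "false"}, {"preparedStatements", "true"}} {
		got, ok := params[w[0]]
		if !ok { // an absent key falls back to a default this check cannot see
			findings = append(findings, fmt.Sprintf("%s: %s not set explicitly", ds.Name, w[0]))
		} else if got != w[1] {
			findings = append(findings, fmt.Sprintf("%s: %s=%s, want %s", ds.Name, w[0], got, w[1]))
		}
	}
	return findings, nil
}

func main() {
	fmt.Println(AuditDatastore(sampleDatastore))
}
```

A setting that is absent from the file is reported rather than assumed safe, so the effective value should be confirmed in the store's configuration page.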
Description
A script, written in golang. POC for CVE-2023-25157
Readme
# CVE-2023-25157-checker
A script, written in golang. POC for CVE-2023-25157

## Steps to use
1. `git clone https://github.com/7imbitz/CVE-2023-25157-checker.git`
2. `cd CVE-2023-25157-checker`
3. `go run CVE-2023-25157.go <URL>`

Replace `<URL>` with the URL of the target server.

![Screenshot 2023-06-12 at 23 09 29](https://github.com/7imbitz/CVE-2023-25157-checker/assets/26263598/d3781925-deb8-44d0-9768-7b6e9b116060)
<img width="1077" alt="Screenshot 2023-06-12 at 23 12 43" src="https://github.com/7imbitz/CVE-2023-25157-checker/assets/26263598/645e7ebc-b50d-4e9a-bea0-6f1c68e695c2">


## Google Dork
```inurl:"/geoserver/ows?service=wfs"```

## Research
For research purposes, you can set up and deploy your own instance of GeoServer. This [docker](https://github.com/geoserver/docker) image can be set up in the blink of an eye *multiple blinks

## References
- [Github Advisory](https://github.com/geoserver/geoserver/security/advisories/GHSA-7g5f-wrx8-5ccf)
- [Commit](https://github.com/geoserver/geoserver/commit/145a8af798590288d270b240235e89c8f0b62e1d)
- [Tweet](https://twitter.com/parzel2/status/1665726454489915395)
- [NVD](https://nvd.nist.gov/vuln/detail/CVE-2023-25157)

## Legal Disclaimer
This POC Script was intended for educational and research purposes only. The main purpose was for me to code in golang. **Usage of this script for any unauthorized activities, and unethical testing is STRICTLY prohibited.**


File Snapshot

[4.0K] /data/pocs/272d418daf9cc86ae750799d54a792296664121a
├── [5.3K] CVE-2023-25157.go
├── [ 75] go.mod
├── [ 505] go.sum
├── [ 34K] LICENSE
└── [1.6K] README.md

0 directories, 5 files