Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1110 CNY

100%
Buy Us a Coffee

CVE-2023-2375 PoC — Ubiquiti EdgeRouter X Web Management Interface command injection

Source
https://github.com/0x0jr/HTB-Devvortex-CVE-2023-2375-PoC
Associated Vulnerability
Title:Ubiquiti EdgeRouter X Web Management Interface command injection (CVE-2023-2375)
Description:A vulnerability was found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6 and classified as critical. This issue affects some unknown processing of the component Web Management Interface. The manipulation of the argument src leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-227651.
Description
CVE-2023-23752 Unauthenticated Information Disclosure Showcase Using Devvortex From HTB.
Readme
# Joomla! CVE-2023-23752 - Unauthenticated Information Disclosure PoC

## Description

This repository contains a Proof of Concept (PoC) exploit for CVE-2023-23752, a vulnerability in Joomla! that allows unauthenticated information disclosure. This vulnerability can expose sensitive information, including database credentials, configuration files, and more, to unauthenticated users.

## PoC

You can watch my PoC on this CVE here:

https://www.youtube.com/watch?v=vf_d0AWd7T8

## Details

- **CVE:** CVE-2023-23752
- **Vulnerability Type:** Information Disclosure
- **Affected Version:** Joomla! 4.2.8

## Usage

1. **Clone the repository:**
    ```
    git clone https://github.com/0x0jr/HTB-Devvortex-CVE-2023-2375-PoC.git
    ```

2. **Install dependencies:**
    ```
    pip install requests
    ```

3. **Run the PoC:**
    ```
    python3 exploit.py <target_url>
    ```

    Replace `<target_url>` with the URL of the target Joomla! instance.

## Example

```
python3 exploit.py http://dev.devvortex.htb/
```
File Snapshot

 [4.0K]  /data/pocs/3e0b5c63099ac386e0a8f90ed52a10749b105a65
├── [2.2K]  exploit.py
└── [1019]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →