CVE-2023-0830 PoC — EasyNAS backup.pl system os command injection

Associated Vulnerability
Title: EasyNAS backup.pl system os command injection (CVE-2023-0830)
Description: A vulnerability classified as critical has been found in EasyNAS 1.1.0. Affected is the function system of the file /backup.pl. The manipulation leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component.
Readme
# CVE-2023-0830: EasyNAS 1.1.0 Authenticated OS Command Injection Exploit

This Python script exploits an OS command injection flaw in EasyNAS version 1.1.0. Exploitation requires authentication.

The script begins by establishing a session with the target server, then sends a login request with user-provided credentials. Upon successful authentication, the script constructs a payload that, when executed, opens a reverse shell connection to a user-specified IP and port. This payload is URL- and Base64-encoded and then sent to the `backup.pl` script on the server via a crafted GET request, where it is injected into an OS command.

This script is meant to be a proof of concept, and should only be used responsibly and ethically.
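A defender can look for this request shape in web-server access logs. The following is an added example, not part of the original README or exploit: it flags requests to `backup.pl` whose decoded query values contain shell metacharacters or a Base64 decode pipeline. The parameter names (`action`, `name`), the log format and the sample lines are constructed assumptions; the page does not name the vulnerable parameter.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Assumed heuristics: shell metacharacters have no place in a backup.pl
# parameter, and the README says the payload is Base64-encoded.
SHELL_META = re.compile(r"[;|&`$<>\n]")
B64_DECODE = re.compile(r"\bbase64\b\s+(-d|--decode)\b")
REQUEST = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

# Constructed sample lines in combined-log style (not real traffic).
SAMPLE_LOG = [
    '10.0.0.5 - admin [01/Mar/2023:10:00:00 +0000] "GET /backup.pl?action=list HTTP/1.1" 200 512',
    '10.0.0.9 - admin [01/Mar/2023:10:02:11 +0000] "GET /backup.pl?name=x%7Cecho%20QUJD%7Cbase64%20-d HTTP/1.1" 200 0',
    '10.0.0.9 - admin [01/Mar/2023:10:02:15 +0000] "GET /backup.pl?name=a%3Bid HTTP/1.1" 200 0',
    '10.0.0.7 - - [01/Mar/2023:10:03:00 +0000] "GET /index.pl?q=a%7Cb HTTP/1.1" 200 90',
]

def suspicious_backup_requests(log_lines):
    """Return (line_no, param, reason) for each flagged backup.pl request."""
    findings = []
    for no, line in enumerate(log_lines, 1):
        m = REQUEST.search(line)
        if not m:
            continue  # not a parsable request line
        url = urlsplit(m.group("target"))
        if not url.path.endswith("/backup.pl"):
            continue  # only the script named in the advisory
        # parse_qsl percent-decodes each name and value once.
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            if B64_DECODE.search(value):
                findings.append((no, name, "base64-decode pipeline"))
            elif SHELL_META.search(value):
                findings.append((no, name, "shell metacharacter"))
    return findings

if __name__ == "__main__":
    for finding in suspicious_backup_requests(SAMPLE_LOG):
        print(finding)
```

Because exploitation requires authentication, a hit from this check also identifies an account whose credentials should be reviewed.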

## CVE: CVE-2023-0830

## Exploit Author
Ivan Spiridonov (ivanspiridonov@gmail.com)
[https://xbz0n.medium.com](https://xbz0n.medium.com)

## Vendor home page 
[https://www.easynas.org](https://www.easynas.org)

## Usage
```bash
./exploit.py http(s)://url username password listenerIP listenerPort
```

## Dependencies
Requires Python3 and the Requests library.

### Note:
Disable the insecure request warnings when using this script, as it will attempt to establish an HTTPS connection to the target URL.

## Disclaimer
This script is for educational purposes and authorized penetration testing only. Always seek explicit permission before running any penetration tests against a network or system.

Please use responsibly.
File Snapshot

[4.0K] /data/pocs/5a3f75c34cd9d66d39aeeda4ef4e859c4eabffab
├── [2.1K] CVE-2023-0830.py
└── [1.4K] README.md

0 directories, 2 files