
CVE-2023-26360 PoC — Adobe ColdFusion Improper Access Control Arbitrary code execution

Associated Vulnerability
Title: Adobe ColdFusion Improper Access Control Arbitrary code execution (CVE-2023-26360)
Description: Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction.
Description
CVE-2023-26360 - Adobe ColdFusion
Readme
# CVE-2023-26360 Vulnerability Scanner

## Overview
**CVE-2023-26360** is a critical remote code execution (RCE) vulnerability in Adobe ColdFusion, affecting specific versions of the software. If exploited, it allows an unauthenticated attacker to execute arbitrary code on a vulnerable server, potentially leading to unauthorized system access, data breaches, and server compromise.

This repository includes a Python-based scanner that checks if a target URL is potentially vulnerable to CVE-2023-26360 by analyzing response headers and specific ColdFusion indicators.

## Affected Versions
Adobe has reported that the following versions of ColdFusion are vulnerable to CVE-2023-26360:
- Adobe ColdFusion 2021 (up to update 6)
- Adobe ColdFusion 2018 (up to update 16)

Adobe has released patches for this vulnerability in later versions. It is highly recommended to apply all available updates if you are using ColdFusion.

## Requirements
The scanner requires:
- **Python 3.7+**
- The following Python packages:
  - `requests`
  - `colorama`

You can install the dependencies with:
```bash
pip install -r requirements.txt
```

## Usage
### Command-Line Arguments
- `url`: The target URL to scan for CVE-2023-26360.

### Running the Scanner
```bash
python cve_2023_26360_scanner.py http://example.com
```

This command checks whether the specified URL is potentially vulnerable to CVE-2023-26360.

### Sample Output
The script will provide color-coded feedback:
- **Green** for successful connection and ColdFusion version detection.
- **Yellow** for non-vulnerable but detected ColdFusion versions.
- **Red** if the target is likely vulnerable or if errors occur during the scan.
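As an added illustration (not the repository's scanner code), the helper below maps a ColdFusion version label to the three outcomes the scanner reports, using the affected ranges from the Associated Vulnerability description above (2018 Update 15 and earlier, 2021 Update 5 and earlier; the fixes shipped as 2018 Update 16 and 2021 Update 6). The label format `ColdFusion <year> Update <n>` and the sample inventory are assumptions for the example.

```python
import re
from typing import Optional, Tuple

# Last unpatched update per major version, taken from the vulnerability
# description: 2018 Update 15 and earlier, 2021 Update 5 and earlier.
LAST_AFFECTED_UPDATE = {2018: 15, 2021: 5}

# Assumed label format, e.g. as read off the Administrator "Settings Summary"
# page or an internal asset inventory: "ColdFusion 2021 Update 5".
VERSION_RE = re.compile(r"ColdFusion\s+(\d{4})(?:\s+Update\s+(\d+))?", re.IGNORECASE)


def parse_version(label: str) -> Optional[Tuple[int, int]]:
    """Return (year, update) from a version label, or None if no ColdFusion
    version is present. A missing "Update n" means the GA release (update 0)."""
    m = VERSION_RE.search(label)
    if not m:
        return None
    return int(m.group(1)), int(m.group(2) or 0)


def classify(label: str) -> str:
    """Map a label to a patch status:
    'vulnerable' (red), 'patched' (yellow), 'not-listed' for a major version
    outside the bulletin's scope, or 'unknown' when no version was found."""
    parsed = parse_version(label)
    if parsed is None:
        return "unknown"
    year, update = parsed
    if year not in LAST_AFFECTED_UPDATE:
        return "not-listed"
    return "vulnerable" if update <= LAST_AFFECTED_UPDATE[year] else "patched"


if __name__ == "__main__":
    # Constructed sample inventory for demonstration only.
    inventory = [
        ("app01", "ColdFusion 2021 Update 5"),
        ("app02", "ColdFusion 2021 Update 6"),
        ("app03", "ColdFusion 2018"),
        ("app04", "ColdFusion 2023 Update 1"),
        ("app05", "Apache Tomcat 9.0"),
    ]
    for host, label in inventory:
        print(f"{host}: {label!r} -> {classify(label)}")
```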

## Google Dork for Identifying Potentially Vulnerable Servers
To help identify publicly accessible ColdFusion instances, you can use the following Google dork:
```plaintext
inurl:"/CFIDE/administrator/index.cfm" intitle:"ColdFusion Administrator"
```
This search string helps locate ColdFusion admin pages, which are commonly exposed and may indicate outdated versions.

## Mitigation
1. **Update Adobe ColdFusion**: Apply the latest security patches provided by Adobe.
2. **Restrict Access**: Limit access to ColdFusion Administrator pages and server endpoints.
3. **Monitor Logs**: Regularly monitor server logs for any unauthorized access attempts.

## Disclaimer
This scanner is for educational and authorized testing purposes only. Unauthorized use of this tool on networks or servers without permission is illegal. Always ensure you have explicit permission from the server owner before performing any tests.

## References
- [Adobe Security Bulletin for CVE-2023-26360](https://helpx.adobe.com/security.html)
- [NIST National Vulnerability Database](https://nvd.nist.gov/vuln/detail/CVE-2023-26360)