CVE-2023-1671
Description
A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code.
Severity: CRITICAL
CVE ID: CVE-2023-1671
CVSS Score: 9.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Proof Of Concept
Nuclei Templates for CVE-2023-1671
Refrence: Project Discovery GitHub
ohnonoyesyes
Pre-Auth RCE in Sophos Web Appliance
Refrence: GitHub
W01fh4cker
CVE-2023-1671-POC, based on dnslog platform
Refrence: GitHub
csffs
Exploit to cve-2023-1671. So there is a test and exploitation function. The test sends a ping request to the dnslog domain from the vulnerable site. If the ping passes, the vulnerability exists, if it doesn't, then cve-2023-1671 is missing. The exploit function, on the other hand, sends a request with your command to the server.
Refrence: GitHub
Content on GitHub
behnamvanda | watchers:1
CVE-2023-1671
Sophos Web Appliance pre-auth command injection Vulnerability Scanner
Refrence: GitHub
getdrive | watchers:59
PoC
PoC. Severity critical.
Refrence: GitHub