var unreadAlerts = '1';
You have one unread private message from dkota titled Welcome to the Forum!

POC for CVE-2023-34362 affecting MOVEit Transfer
#1
POC for CVE-2023-34362 affecting MOVEit Transfer

Technical Analysis

A technical root cause analysis of the vulnerability can be found on our blog: https://www.horizon3.ai/moveit-transfer-...ompromise/

Summary

This POC abuses an SQL injection to obtain a sysadmin API access token and then use that access to abuse a deserialization call to obtain remote code execution.

This POC needs to reach out to an Identity Provider endpoint which hosts proper RS256 certificates used to forge arbitrary user tokens - by default this POC uses our IDP endpoint hosted in AWS.

By default, the exploit will write a file to C:\Windows\Temp\message.txt. Alternative payloads can be generated by using the ysoserial.net project.

https://github.com/horizon3ai/CVE-2023-34362
You search a DB? Send a PM maybe i have it.
Report


Quick Reply
Message
Type your reply to this message here.



Possibly Related Threads…
Thread Author Replies Views Last Post
  CVE-2023-21716 (Microsoft Word RCE) Python PoC cyb 61 950 Yesterday, 05:09 PM
Last Post: AmBa
  CVE-2023-22809 sudo exploit cyb 62 703 Yesterday, 05:01 PM
Last Post: AmBa
  CVE-2023-29336 Win32k Privilege Escalation Vulnerability (PoC) DataBroker 0 44 06-10-2023, 08:03 PM
Last Post: DataBroker
  QueueJumper PoC - CVE-2023-21554 HeXsploit 1 144 06-03-2023, 01:19 PM
Last Post: ItzYesterday



Users browsing this thread: purely_cabbage
var thread_deleted = "0"; if(thread_deleted == "1") { $("#quick_reply_form, .new_reply_button, .thread_tools, .inline_rating").hide(); $("#moderator_options_selector option.option_mirage").attr("disabled","disabled"); }