PoC details: a806a2ab3b0d4c8855e7ba84c9e6e2310d48dae6

Source
Related vulnerability
Title: Adobe ColdFusion improper access control vulnerability (CVE-2023-26360)
Description: Adobe ColdFusion is a rapid application development platform from the US company Adobe. The platform includes an integrated development environment and a scripting language. Adobe ColdFusion has an improper access control vulnerability. No further information on this vulnerability is available at present; please follow CNNVD or the vendor's advisories.
Description
CVE-2023-26360 - Adobe Coldfusion
Introduction
# CVE-2023-26360 Vulnerability Scanner

## Overview
**CVE-2023-26360** is a critical remote code execution (RCE) vulnerability in Adobe ColdFusion, affecting specific versions of the software. If exploited, it allows an unauthenticated attacker to execute arbitrary code on a vulnerable server, potentially leading to unauthorized system access, data breaches, and server compromise.

This repository includes a Python-based scanner that checks if a target URL is potentially vulnerable to CVE-2023-26360 by analyzing response headers and specific ColdFusion indicators.

## Affected Versions
Adobe has reported that the following versions of ColdFusion are vulnerable to CVE-2023-26360:
- Adobe ColdFusion 2021 (up to update 6)
- Adobe ColdFusion 2018 (up to update 16)

Adobe has released patches for this vulnerability in later versions. It is highly recommended to apply all available updates if you are using ColdFusion.
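The README describes the scanner as classifying a host from response headers and ColdFusion indicators. The following added example (not the repository's `cve_2023_26360_scanner.py`) shows that triage step for checking your own hosts: it parses a version banner and compares it with the affected ranges listed above. It assumes a constructed banner format `ColdFusion <year> Update <n>` carried in the `Server` or `X-Powered-By` header, and treats the README's "up to update N" as the update that ships the fix, so only earlier updates are flagged.

```python
import re
from typing import Optional, Tuple

# Affected ranges per the README's "Affected Versions" list. Assumption: the
# listed update (6 for 2021, 16 for 2018) is the fixing update, so strictly
# earlier update levels fall in the affected range.
FIXED_IN_UPDATE = {2021: 6, 2018: 16}

# Constructed banner format for this example; real deployments rarely expose
# the update level this plainly, so treat a missing update as "unknown".
_BANNER_RE = re.compile(r"ColdFusion\s+(\d{4})(?:\s+Update\s+(\d+))?", re.IGNORECASE)


def parse_banner(text: str) -> Optional[Tuple[int, Optional[int]]]:
    """Return (release_year, update) from a banner string, or None if absent."""
    m = _BANNER_RE.search(text)
    if not m:
        return None
    update = int(m.group(2)) if m.group(2) is not None else None
    return int(m.group(1)), update


def assess(headers: dict) -> str:
    """Classify one response's headers against the README's affected list.

    Returns 'affected', 'not-affected', 'not-listed', 'update-unknown'
    or 'not-coldfusion'. Header names are matched case-insensitively.
    """
    banner = " ".join(v for k, v in headers.items()
                      if k.lower() in ("server", "x-powered-by"))
    parsed = parse_banner(banner)
    if parsed is None:
        return "not-coldfusion"
    year, update = parsed
    fixed = FIXED_IN_UPDATE.get(year)
    if fixed is None:
        return "not-listed"        # release line not in the README's list
    if update is None:
        return "update-unknown"    # ColdFusion seen, update level not disclosed
    return "affected" if update < fixed else "not-affected"


# Constructed sample headers (not captured traffic) covering each outcome.
SAMPLE_RESPONSES = {
    "host-a": {"Server": "Apache", "X-Powered-By": "ColdFusion 2021 Update 4"},
    "host-b": {"X-Powered-By": "ColdFusion 2018 Update 16"},
    "host-c": {"X-Powered-By": "ColdFusion 2021"},
    "host-d": {"Server": "nginx/1.24"},
}


def triage(samples=SAMPLE_RESPONSES) -> dict:
    """Map each sample host name to its classification."""
    return {name: assess(h) for name, h in samples.items()}
```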

## Requirements
The scanner requires:
- **Python 3.7+**
- The following Python packages:
  - `requests`
  - `colorama`

You can install the dependencies with:
```bash
pip install -r requirements.txt
```

## Usage
### Command-Line Arguments
- `url`: The target URL to scan for CVE-2023-26360.


### Running the Scanner
```bash
python cve_2023_26360_scanner.py http://example.com
```

This command checks whether the specified URL is potentially vulnerable to CVE-2023-26360.

### Sample Output
The script will provide color-coded feedback:
- **Green** for successful connection and ColdFusion version detection.
- **Yellow** for non-vulnerable but detected ColdFusion versions.
- **Red** if the target is likely vulnerable or if errors occur during the scan.

## Google Dork for Identifying Potentially Vulnerable Servers
To help identify publicly accessible ColdFusion instances, you can use the following Google dork:
```plaintext
inurl:"/CFIDE/administrator/index.cfm" intitle:"ColdFusion Administrator"
```
This search string helps locate ColdFusion admin pages, which are commonly exposed and may indicate outdated versions.

## Mitigation
1. **Update Adobe ColdFusion**: Apply the latest security patches provided by Adobe.
2. **Restrict Access**: Limit access to ColdFusion Administrator pages and server endpoints.
3. **Monitor Logs**: Regularly monitor server logs for any unauthorized access attempts.

## Disclaimer
This scanner is for educational and authorized testing purposes only. Unauthorized use of this tool on networks or servers without permission is illegal. Always ensure you have explicit permission from the server owner before performing any tests.

## References
- [Adobe Security Bulletin for CVE-2023-26360](https://helpx.adobe.com/security.html)
- [NIST National Vulnerability Database](https://nvd.nist.gov/vuln/detail/CVE-2023-26360)
File snapshot

[4.0K] /data/pocs/a806a2ab3b0d4c8855e7ba84c9e6e2310d48dae6
├── [2.2K] cve_2023_26360_scanner.py
├── [2.7K] README.md
└── [  18] requirements.txt

0 directories, 3 files
Cached for you by the Shenlong bot.
Notes
    1. It is recommended to access the PoC via the source link first.
    2. If the source is no longer available or cannot be accessed, send an email to f.jinxu#gmail.com to request a local snapshot (replace # with @).
    3. Shenlong has taken a snapshot of the PoC code for you; to support long-term maintenance, please consider paying for the local PoC. Thank you for your support.