.. / CVE-2023-0678

Exploit for PHPIPAM

Description:

In phpIPAM 1.5.1, an unauthenticated user could download the list of high-usage IP subnets that contains sensitive information such as a subnet description, IP ranges, and usage rates via find_full_subnets.php endpoint. The bug lies in the fact that find_full_subnets.php does not verify if the user is authorized to access the data, and if the script was started from a command line.

Nuclei Template

View the template here CVE-2023-0678.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2023/CVE-2023-0678.yaml
Copy

References:

https://nvd.nist.gov/vuln/detail/CVE-2023-0678
https://github.com/phpipam/phpipam/commit/1960bd24e8a55796da066237cf11272c44bb1cc4