.. / CVE-2023-22232

Exploit for Adobe Connect < 12.1.5 - Local File Disclosure (CVE-2023-22232)

Description:

Adobe Connect versions 11.4.5 (and earlier), 12.1.5 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to impact the integrity of a minor feature. Exploitation of this issue does not require user interaction

Nuclei Template

View the template here CVE-2023-22232.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2023/CVE-2023-22232.yaml
Copy

References:

https://helpx.adobe.com/security/products/connect/apsb23-05.html
https://github.com/ARPSyndicate/cvemon
https://nvd.nist.gov/vuln/detail/CVE-2023-22232
http://packetstormsecurity.com/files/171390/Adobe-Connect-11.4.5-12.1.5-Local-File-Disclosure.html