.. / CVE-2023-22897

Exploit for Securepoint UTM - Leaking Remote Memory Contents (CVE-2023-22897)

Description:

An issue was discovered in SecurePoint UTM before 12.2.5.1. The firewall’s endpoint at /spcgi.cgi allows information disclosure of memory contents to be achieved by an authenticated user. Essentially, uninitialized data can be retrieved via an approach in which a sessionid is obtained but not used.

Nuclei Template

View the template here CVE-2023-22897.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2023/CVE-2023-22897.yaml
Copy

References:

https://www.rcesecurity.com/2023/04/securepwn-part-2-leaking-remote-memory-contents-cve-2023-22897/
https://github.com/MrTuxracer/advisories
https://nvd.nist.gov/vuln/detail/CVE-2023-22897
https://github.com/MrTuxracer/advisories/blob/master/CVEs/CVE-2023-22897.txt
https://rcesecurity.com