.. / CVE-2023-24044

Exploit for Plesk Obsidian <=18.0.49 - Open Redirect (CVE-2023-24044)

Description:

Plesk Obsidian through 18.0.49 contains an open redirect vulnerability via the login page. An attacker can redirect users to malicious websites via a host request header and thereby access user credentials and execute unauthorized operations. NOTE: The vendor’s position is “the ability to use arbitrary domain names to access the panel is an intended feature.”

Nuclei Template

View the template here CVE-2023-24044.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2023/CVE-2023-24044.yaml
Copy

References:

https://medium.com/@jetnipat.tho/cve-2023-24044-10e48ab940d8
https://gist.github.com/TJetnipat/02b3854543b7ec95d54a8de811f2e8ae
https://support.plesk.com/hc/en-us/articles/10254625170322-Vulnerability-CVE-2023-24044
https://portswigger.net/web-security/host-header/exploiting
https://nvd.nist.gov/vuln/detail/CVE-2023-24044