.. / CVE-2023-25135

Exploit for vBulletin <= 5.6.9 - Pre-authentication Remote Code Execution (CVE-2023-25135)

Description:

vBulletin before 5.6.9 PL1 allows an unauthenticated remote attacker to execute arbitrary code via a crafted HTTP request that triggers deserialization. This occurs because verify_serialized checks that a value is serialized by calling unserialize and then checking for errors.

Nuclei Template

View the template here CVE-2023-25135.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2023/CVE-2023-25135.yaml
Copy

References:

https://forum.vbulletin.com/forum/vbulletin-announcements/vbulletin-announcements_aa/4473890-vbulletin-5-6-9-security-patch
https://github.com/netlas-io/netlas-dorks
https://github.com/ambionics/vbulletin-exploits/blob/main/vbulletin-rce-cve-2023-25135.py
https://www.ambionics.io/blog/vbulletin-unserializable-but-unreachable
https://nvd.nist.gov/vuln/detail/CVE-2023-25135