.. / CVE-2023-47246

Exploit for SysAid Server - Remote Code Execution (CVE-2023-47246)

Description:

In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after an attacker writes a file to the Tomcat webroot, as exploited in the wild in November 2023.

Nuclei Template

View the template here CVE-2023-47246.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2023/CVE-2023-47246.yaml
Copy

References:

https://nvd.nist.gov/vuln/detail/CVE-2023-47246
https://documentation.sysaid.com/docs/latest-version-installation-files
https://www.cisa.gov/news-events/alerts/2023/11/13/cisa-adds-six-known-exploited-vulnerabilities-catalog
https://www.huntress.com/blog/critical-vulnerability-sysaid-cve-2023-47246
https://www.sysaid.com/blog/service-desk/on-premise-software-security-vulnerability-notification
https://www.rapid7.com/blog/post/2023/11/09/etr-cve-2023-47246-sysaid-zero-day-vulnerability-exploited-by-lace-tempest/