tooryx
commented
5 months ago Hi @vishwaraj101,
Could you provide more context on the vulnerability? (e.g. link to the CVE entry, how you plan to implement it, ...).
Thank you, ~tooryx
Open vishwaraj101 opened 5 months ago
tooryx
commented
5 months ago Hi @vishwaraj101,
Could you provide more context on the vulnerability? (e.g. link to the CVE entry, how you plan to implement it, ...).
Thank you, ~tooryx
vishwaraj101
commented
5 months ago @tooryx So i can write full blown exploit or a generic detection for this for the safer purpose. I think simple detection logic will do the work. Since I have worked on CVE-2023-33568 to make it pre auth RCE. Let me know
CVE Reference: https://nvd.nist.gov/vuln/detail/CVE-2023-33568
vishwaraj101
commented
5 months ago Any updates on this ?
tooryx
commented
5 months ago Hi @vishwaraj101,
We are not sure if we wish to continue on this one, hence why I put the fingerprints at the top of your contribution queue. We will have more visibility once we have the fingerprints.
~tooryx
vishwaraj101
commented
5 months ago @tooryx what if I write just about the original issue detection ? I think that will be more fruitful what do suggest shall I ?
tooryx
commented
5 months ago I am sorry not sure to understand, what do you mean?
vishwaraj101
commented
5 months ago I mean writing the plugin detecting -> CVE-2023-33568
tooryx
commented
5 months ago Got it. As mentioned before, we would like to have the fingerprints merged first to see if we are interested in the implementation of this vulnerability. We can discuss again once the fingerprints are merged.
This will detect the vulnerable instances which can be exploited to achieve RCE. It will work on the default installations Dolibarr is an Open Source ERP & CRM for business for SMEs, Large Companies, Freelancers, Foundations)
It is currently used by 5000+ instances as per shodan query
This will detect the vulnerable dolibarr version from 6-18.0.0 latest version.
Let me know if i can start working on this I can start quickly