PRP: Adobe ColdFusion - CVE-2023-26360

[jimmy-ly00]

Adobe ColdFusion is widely used for web app devlopment, there are many instances of CF that can be found on Shodan. CVE-2023-26360 is an unauthenticated attack that can result in arbitrary file read and remote code execution, attackers can gain a shell on it without any user interaction or effort.

CISA has reported this as actively exploited and POCs are well documented and Ive tested this myself.

References:

• https://www.cisa.gov/news-events/alerts/2023/03/15/cisa-adds-one-known-exploited-vulnerability-catalog
• https://www.bleepingcomputer.com/news/security/cisa-warns-of-adobe-coldfusion-bug-exploited-as-a-zero-day/
• https://www.picussecurity.com/resource/blog/cve-2023-26360-adobe-coldfusion-servers-exploited-for-initial-access

[frkngksl]

It was already suggested

https://github.com/google/tsunami-security-scanner-plugins/issues/393