Skip to content
/ CVE-2023-35813-PoC Public

An exploit for the Sitecore Remote Code Execution Vulnerability

3 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

BagheeraAltered/CVE-2023-35813-PoC

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
README.md
README.md
 
 
command.py
command.py
 
 
command.txt
command.txt
 
 
commandRedirect.txt
commandRedirect.txt
 
 
exploit.py
exploit.py
 
 

Repository files navigation

Sitecore Remote Code Execution Vulnerability

CVE: 2023-35813 (discovered by @mwulftange) CVSS Score: 9.8 Severity: Critical

This is the fantastic blog post from the researchers that found it: https://code-white.com/blog/exploiting-asp.net-templateparser-part-1/

Figure out what command you want to use, and put it in a file called command.txt then run command.py to encode it

after it's encoded run the exploit.py script with the hostname of the target as the arg

About

An exploit for the Sitecore Remote Code Execution Vulnerability

Resources

Readme
Activity

Stars

3 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages