PT-2023-30773 · Unknown+1 · Testingplatform+1

Adulau

Published

2023-11-20

Updated

2023-11-29

CVE-2023-48310

CVSS v3.1

9.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Name of the Vulnerable Software and Affected Versions TestingPlatform versions prior to 2.1.1

Description The issue arises from incorrect filtering of user input, allowing Nmap options to be accepted. This includes the option to create log files at a specified location, potentially leading to denial of service if the file already exists. An attacker can also scan any CIDR blocks passed to Nmap, including 0.0.0.0/0 or local networks.

Recommendations For versions prior to 2.1.1, update to version 2.1.1 to resolve the issue. As a temporary workaround, consider restricting the use of Nmap options and limiting the ability to create log files at arbitrary locations. Avoid using the option to create log files without proper validation of the input.

Exploit

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2023-48310

GHSA-9FHC-F3MR-W6H6

GHSA-MMPF-RW6C-67MM

Affected Products

Nmap

Testingplatform

PT-2023-30773 · Unknown+1 · Testingplatform+1

CVE-2023-48310

Weakness Enumeration

Related Identifiers

Affected Products

References · 11