admin/nuclei-templates
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei-templates.git synced 2026-02-11 13:13:26 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
23c94de2edd4515d44a32996c8557c91be4ca63f
nuclei-templates/javascript/cves/2023/CVE-2023-45249.yaml
ghost ad68ad7963 chore: sign templates 🤖
2025-09-24 06:53:53 +00:00

58 lines
2.3 KiB
YAML
Raw Blame History

id: CVE-2023-45249
info:
name: Acronis Cyber Infrastructure - Default Password
author: darses
severity: critical
description: |
Acronis Cyber Infrastructure (ACI) before build 5.0.1-61, 5.1.1-71, 5.2.1-69, 5.3.1-53, and 5.4.4-132 contain a remote command execution caused by use of default passwords, letting attackers execute arbitrary commands remotely, exploit requires access to the system with default credentials.
impact: |
Attackers can execute arbitrary commands remotely, potentially leading to full system compromise.
remediation: |
Change default passwords and update to the latest version.
reference:
- https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/acronis_cyber_infra_cve_2023_45249.rb
- https://security-advisory.acronis.com/advisories/SEC-6452
- https://security-advisory.acronis.com/updates/UPD-2310-9e7e-bd9b
- https://www.securityweek.com/acronis-product-vulnerability-exploited-in-the-wild/
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2023-45249
cwe-id: CWE-1393,CWE-287
epss-score: 0.9294
epss-percentile: 0.99765
cpe: cpe:2.3:a:acronis:cyber_infrastructure:*:*:*:*:*:*:*:*
metadata:
verified: true
vendor: acronis
product: cyber_infrastructure
censys-query: services.http.response.html_title:"Acronis Cyber Infrastructure" and services.port:6432
max-requests: 1
tags: cve,cve2025,kev,acronis,network,js,postgresql,default-login,vkev
javascript:
- pre-condition: |
isPortOpen(Host,Port);
code: |
const postgres = require('nuclei/postgres');
const client = new postgres.PGClient;
connected = client.ExecuteQuery(Host, Port, User, Pass, Db, "SELECT release_notes_url FROM software_info");
Export(connected);
args:
Host: "{{Host}}"
Port: 6432
User: "vstoradmin"
Pass: "vstoradmin"
Db: "vstoradmin"
matchers:
- type: dsl
dsl:
- "success == true"
- "contains_all(response, 'release_notes_url','http://download.acronis.com/vstorage/')"
condition: and
# digest: 490a00463044022056d54f83124390085d18333bbc1497cf21f279fd5239f888a6e71d95e12440ed022025dbec245826873cec80dbbb405f72ccb10fccf60dcc697356d2a14f112621b1:922c64590222798bb761d5b6d8e72950
Reference in New Issue View Git Blame Copy Permalink