README.md | Loading last commit info... |
README.md
CVE-2023-25157 - GeoServer SQL Injection - PoC
- CVE: CVE-2023-25157
- Date: 06/06/2023
- Vendor/Software: GeoServer
This script is a proof of concept for OGC Filter SQL Injection vulnerabilities in GeoServer, a popular open-source software server for sharing geospatial data. It sends requests to the target URL and exploits potential vulnerabilities by injecting malicious payloads into the CQL_FILTER
parameter.
Usage
To use this script, provide the target URL as a command-line parameter. For example:
foo@bar:~$ python3 CVE-2023-25157.py <URL>
Replace <URL>
with the actual URL of the target server.
Google Dork
inurl:"/geoserver/ows?service=wfs"
References
- Security Advisory: https://github.com/geoserver/geoserver/security/advisories/GHSA-7g5f-wrx8-5ccf
- Commit: https://github.com/geoserver/geoserver/commit/145a8af798590288d270b240235e89c8f0b62e1d
- Tweet: https://twitter.com/parzel2/status/1665726454489915395
Script Author: Bipin Jitiya (@win3zz)