Created
October 11, 2023 01:05
CVE-2023-40829 POC introduce
⬤ The cveform.mitre.org "Vulnerability Type" field was set to:
Incorrect Access Control
⬤ The cveform.mitre.org "Affected Component" field was set to:
Sensitive information can lead to the full amount of
enterprise wechat data being obtained, file acquisition, and
the use of enterprise wechat light application to send
phishing files and links to internal forces
⬤ The cveform.mitre.org "Attack Type" field was set to: Remote
⬤ The cveform.mitre.org "Impact Information Disclosure" field
was set to: true
⬤ The cveform.mitre.org "Attack Vectors" field was set to:
POC:XXX.com/cgi-bin/gateway/agentinfo
⬤ The cveform.mitre.org "Discoverer" field was set to: eziyu
⬤ The cveform.mitre.org "Reference" field was set to:
http://enterprise.com
http://tencent.com
⬤ The cveform.mitre.org "Vendor of Product" field was set to:
tencent
⬤ The cveform.mitre.org "Affected Product Code Base" field was
set to: Enterprise wechat Privatized enterprise wechat
⬤ The cveform.mitre.org "Suggested description" field was set
to: There is an interface unauthorized access vulnerability in the background of Enterprise Wechat Privatization 2.5.x and 2.6.930000
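
For defenders running an affected deployment, a log triage sketch follows. It is an added example, not part of the original gist or of any Tencent tooling: it scans web access logs for requests to the path named in the "Attack Vectors" field that came from outside the internal network. The combined log format, the internal ranges, the function names and the sample lines are assumptions.

```python
import ipaddress
import re
from collections import defaultdict

# Path taken from the advisory's "Attack Vectors" field.
SENSITIVE_PATH = "/cgi-bin/gateway/agentinfo"
# Assumption: ranges treated as internal; adjust to the deployment.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]
# Assumption: the front-end proxy writes nginx/Apache "combined" format lines.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) ')

def is_internal(ip):
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False  # unparsable client field: treat as external
    return any(addr in net for net in INTERNAL_NETS)

def find_agentinfo_hits(lines):
    """Return {source_ip: [(time, status), ...]} for external requests to the path."""
    hits = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        # Normalise before comparing: drop the query string, collapse repeated
        # slashes, ignore a trailing slash and case (deliberately over-inclusive).
        path = re.sub(r"/{2,}", "/", m["target"].split("?", 1)[0]).rstrip("/").lower()
        if path == SENSITIVE_PATH and not is_internal(m["ip"]):
            hits[m["ip"]].append((m["time"], int(m["status"])))
    return dict(hits)

def served(hits):
    """External source IPs that received a 2xx answer, i.e. the interface responded."""
    return sorted(ip for ip, evs in hits.items() if any(200 <= s < 300 for _, s in evs))

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [11/Oct/2023:01:02:03 +0000] "GET /cgi-bin/gateway/agentinfo HTTP/1.1" 200 512 "-" "-"',
    '10.1.2.3 - - [11/Oct/2023:01:02:04 +0000] "GET /cgi-bin/gateway/agentinfo HTTP/1.1" 200 512 "-" "-"',
    '198.51.100.9 - - [11/Oct/2023:01:02:05 +0000] "GET /cgi-bin//gateway/agentinfo/?x=1 HTTP/1.1" 403 0 "-" "-"',
    '203.0.113.7 - - [11/Oct/2023:01:02:06 +0000] "GET /index.html HTTP/1.1" 200 1024 "-" "-"',
]

if __name__ == "__main__":
    print(served(find_agentinfo_hits(SAMPLE_LOG)))
```

Sources returned by `served` got a successful response from the interface and are the ones to review first; sources that only appear in `find_agentinfo_hits` with 4xx statuses probed the path but were refused.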