6 matches found
Splunk XSLT Upload Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Splunk Authenticated XSLT Upload RCE', 'Description' = %q This Metasploit module exploits a Remote Code Execution RCE vulnerability in Splunk...
CVE-2023-46214
creationtimestamp| type| source ---|---|--- 2023-11-19 07:37:50+00:00| published-proof-of-concept| https://t.me/proxybar/1832 2023-11-19 12:58:41+00:00| published-proof-of-concept| https://t.me/RalfHackerChannel/1418 2023-11-19 14:57:34+00:00| published-proof-of-concept| https://t.me/apsecurity/2...
Exploit for XML Injection (aka Blind XPath Injection) in Splunk Cloud
Splunk RCE - PoC Proof of concept exploit for CVE-2023-46214...
CVE-2023-46214
CVE-2023-46214 describes a remote code execution risk in Splunk Enterprise caused by unsafe sanitization of user-supplied XSLT. Affected versions are Splunk Enterprise 9.0.x before 9.0.7 and 9.1.x before 9.1.2, where uploading crafted XSLT can lead to code execution on the target. The vulnerabili...
CVE-2023-46214 Remote code execution (RCE) in Splunk Enterprise through Insecure XML Parsing
In Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet language transformations XSLT that users supply. This means that an attacker can upload malicious XSLT which can result in remote code execution on the Splunk Enterprise instance...
CVE-2023-46214 Remote code execution (RCE) in Splunk Enterprise through Insecure XML Parsing
In Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet language transformations XSLT that users supply. This means that an attacker can upload malicious XSLT which can result in remote code execution on the Splunk Enterprise instance...