Remote CVE-2023-25157 GeoServer SQLi

[Zodiac]

Severity: 9.8/10

Checker + POC

Checker -
This is a simple Python Script to Find the Latest GeoServer SQL Injection Vulnerability. You can use the Scripts on hosts to check for infected path.

Installation:​

1. git clone https://github.com/0x2458bughunt/CVE-2023-25157/
2. cd CVE-2023-25157
3. chmod +x geoserver.sh

Note: You should have all the files on same directory, in case you want to use the files from anywhere throughout your system, follow these steps:

1. Open geoserver.sh and change GeoServerPath-Finder.py with it's full path. (Eg- /root/CVE-2023-25157/GeoServerPath-Finder.py)
2. Do the same with GeoServer_Keyword-Checker.py.
3. copy geoserver.sh to /usr/bin.Now you can access it from anywhere around your system!

Usage:
./geoserver.sh /path/to/hosts/file/

Download (checker) : https://github.com/0x2458bughunt/CVE-2023-25157



POC -

This script is a proof of concept for OGC Filter SQL Injection vulnerabilities in GeoServer, a popular open-source software server for sharing geospatial data. It sends requests to the target URL and exploits potential vulnerabilities by injecting malicious payloads into the CQL_FILTER parameter. For experimental purposes, the script uses SELECT version() SQL statement as payload.

Usage:

python3 CVE-2023-25157.py <URL>

Download (POC) : https://github.com/win3zz/CVE-2023-25157