CVE-2023-0777

CRITICAL NUCLEI

Modoboa < 2.0.4 - Authentication Bypass

Title source: rule

Description

Authentication Bypass by Primary Weakness in GitHub repository modoboa/modoboa prior to 2.0.4.

Exploits (1)

exploitdb WORKING POC
by 7h3h4ckv157 · gowebappspython
https://www.exploit-db.com/exploits/51276

Nuclei Templates (1)

modoboa 2.0.4 - Admin TakeOver
CRITICALVERIFIEDby r3Y3r53
Shodan: html:"Modoboa" || http.favicon.hash:1949005079 || http.html:"modoboa"
FOFA: body="Modoboa" || body="modoboa" || icon_hash=1949005079

References (3)

Scores

CVSS v3 9.8
EPSS 0.7599
EPSS Percentile 98.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE
CWE-305
Status published

Affected Products (2)

modoboa/modoboa < 2.0.4
pypi/modoboa < 2.0.4PyPI

Timeline

Published Feb 10, 2023
Tracked Since Feb 18, 2026