CVE-2023-22620
HIGH EXPLOITED NUCLEISecurePoint UTM < 12.2.5.1 - Unauthenticated Session ID Disclosure via /spcgi.cgi
Title source: llmExploitation Summary
CVE-2023-22620 has been observed exploited in the wild (reported by VulnCheck KEV). A Nuclei detection template is also available.
Description
An issue was discovered in SecurePoint UTM before 12.2.5.1. The firewall's endpoint at /spcgi.cgi allows sessionid information disclosure via an invalid authentication attempt. This can afterwards be used to bypass the device's authentication and get access to the administrative interface.
Nuclei Templates (1)
SecurePoint UTM 12.x Session ID Leak
HIGHVERIFIEDby DhiyaneshDK
Shodan:
title:"Securepoint UTM" || http.title:"securepoint utm"
FOFA:
title="securepoint utm"
References (4)
Core 4
Core References
Exploit, Third Party Advisory
http://packetstormsecurity.com/files/171924/SecurePoint-UTM-12.x-Session-ID-Leak.html
Exploit, Third Party Advisory
https://github.com/MrTuxracer/advisories/blob/master/CVEs/CVE-2023-22620.txt
Not Applicable
https://rcesecurity.com
Exploit, Mailing List, Third Party Advisory mailing-list
http://seclists.org/fulldisclosure/2023/Apr/7
Scores
CVSS v3
7.5
EPSS
0.0389
EPSS Percentile
88.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
total
Details
VulnCheck KEV
2023-12-04
CWE
CWE-863
Status
published
Products (1)
securepoint/unified_threat_management
12.2.3.1 - 12.2.5.1
Published
Apr 12, 2023
Tracked Since
Feb 18, 2026