exploitdb
WORKING POC
by n3m1.sys · bashlocallinux
https://www.exploit-db.com/exploits/51217
This exploit leverages CVE-2023-22809 in sudo versions 1.8.0 to 1.9.12p1 to escalate privileges by abusing sudoedit/sudo -e to modify the sudoers file. It checks for vulnerable sudo versions and exploitable user permissions before attempting privilege escalation.
Classification
Working Poc 95%
Target:
sudo 1.8.0 to 1.9.12p1
Auth required
Prerequisites:
User must have sudoedit/sudo -e privileges for a file as root or ALL · Vulnerable sudo version installed
nomisec
WORKING POC
160 stars
by n3m1sys · poc
https://github.com/n3m1sys/CVE-2023-22809-sudoedit-privesc
This repository contains a functional exploit script for CVE-2023-22809, a sudo privilege escalation vulnerability. The script checks for vulnerable sudo versions and user privileges, then leverages sudoedit to modify the sudoers file for root access.
Classification
Working Poc 95%
Target:
sudo versions 1.8.0 to 1.9.12p1
Auth required
Prerequisites:
User must have sudoedit or sudo -e privileges on a file as root · Vulnerable sudo version installed
nomisec
WORKING POC
7 stars
by P4x1s · poc
https://github.com/P4x1s/CVE-2023-22809-sudo-POC
This exploit leverages CVE-2023-22809 in sudo versions 1.8.0 to 1.9.12p1, allowing local privilege escalation by abusing sudoedit/sudo -e to modify /etc/sudoers and gain root access. The script checks for vulnerable sudo versions and exploitable user permissions before guiding the attacker to add a malicious sudoers entry.
Classification
Working Poc 95%
Target:
sudo 1.8.0 to 1.9.12p1
Auth required
Prerequisites:
Local user access · User must have sudoedit/sudo -e privileges for a file as root
nomisec
WORKING POC
6 stars
by asepsaepdin · local
https://github.com/asepsaepdin/CVE-2023-22809
This repository contains a functional exploit for CVE-2023-22809, a local privilege escalation vulnerability in sudo versions 1.8.0 to 1.9.12p1. The exploit leverages the sudoedit feature to manipulate environment variables (SUDO_EDITOR, VISUAL, EDITOR) and append arbitrary files to gain root access.
Classification
Working Poc 95%
Target:
sudo 1.8.0 to 1.9.12p1
Auth required
Prerequisites:
User must have sudoedit or sudo -e privileges · nano or vim editor installed
nomisec
WORKING POC
6 stars
by M4fiaB0y · local
https://github.com/M4fiaB0y/CVE-2023-22809
The repository contains a functional exploit for CVE-2023-22809, a privilege escalation vulnerability in sudo versions 1.8.0 to 1.9.12p1. The exploit checks if the current user can run sudoedit or sudo -e as root, then opens the sudoers file to allow the attacker to add a line granting full privileges.
Classification
Working Poc 90%
Target:
sudo 1.8.0 to 1.9.12p1
Auth required
Prerequisites:
User must have privileges to run sudoedit or sudo -e as root
nomisec
WORKING POC
2 stars
by D0rDa4aN919 · local
https://github.com/D0rDa4aN919/CVE-2023-22809-Exploiter
This repository contains functional Python and Bash scripts designed to exploit CVE-2023-22809, a privilege escalation vulnerability in sudo versions 1.8.0 through 1.9.12p1. The exploit leverages improper handling of sudoedit or sudo -e commands to escalate privileges by manipulating environment variables like SUDO_EDITOR, VISUAL, and EDITOR.
Classification
Working Poc 90%
Target:
sudo versions 1.8.0 through 1.9.12p1
Auth required
Prerequisites:
Access to sudo command with sudoedit or sudo -e capabilities · Vulnerable sudo version installed on the target machine
nomisec
WORKING POC
2 stars
by Toothless5143 · local
https://github.com/Toothless5143/CVE-2023-22809
This repository contains a functional exploit for CVE-2023-22809, a vulnerability in sudo's sudoedit command that allows local privilege escalation to root. The script checks the sudo version, verifies exploitable sudo privileges, and guides the user to modify the sudoers file via vim to achieve root access.
Classification
Working Poc 90%
Target:
sudo versions 1.8.0 to 1.9.12p1
Auth required
Prerequisites:
User must have sudoedit privileges configured in sudoers · Vulnerable sudo version installed
nomisec
WORKING POC
2 stars
by Chan9Yan9 · local
https://github.com/Chan9Yan9/CVE-2023-22809
This repository contains functional exploit scripts for CVE-2023-22809, a sudoedit vulnerability allowing local privilege escalation by manipulating environment variables (SUDO_EDITOR, VISUAL, EDITOR) to bypass sudoers policy restrictions. The exploits modify /etc/passwd or /etc/sudoers to achieve root access.
Classification
Working Poc 95%
Target:
sudo 1.8.0 to 1.9.12p1
Auth required
Prerequisites:
User must have sudoedit privileges · Vulnerable sudo version installed
nomisec
WORKING POC
1 stars
by Spydomain · poc
https://github.com/Spydomain/CVE-2023-22809-automated-python-exploits
This repository contains a functional Python script that automates the exploitation of CVE-2023-22809, a local privilege escalation vulnerability in sudo's sudoedit feature. The script checks for vulnerable sudo versions and verifies sudoedit privileges before attempting to escalate to root by modifying /etc/sudoers.
Classification
Working Poc 90%
Target:
sudo (versions 1.8, 1.9.0 to 1.9.3, 1.9.12p1)
Auth required
Prerequisites:
Vulnerable sudo version installed · User must have sudoedit privileges as root or (ALL) · Local access to the target system
github
WORKING POC
1 stars
by Shockp · pythonpoc
https://github.com/Shockp/CVE-Exploits/tree/main/CVE-2023-22809 (sudoedit)
The repository contains functional exploit code for multiple CVEs, including CVE-2023-22809 (sudoedit), CVE-2019-0232 (Tomcat CGI), and CVE-2019-10945 (Joomla). The exploits demonstrate remote code execution (RCE) and directory traversal vulnerabilities with clear usage instructions.
Classification
Working Poc 95%
Attack Type
Rce, Auth Bypass, Info Leak
Target:
sudoedit, Apache Tomcat, Joomla, Spring Cloud Function, Cacti
Auth required
Prerequisites:
Target IP/URL · Valid credentials for authenticated exploits · Network connectivity to target
nomisec
WORKING POC
by ValeuDoamne · local
https://github.com/ValeuDoamne/CVE-2023-22809
This repository contains a functional exploit for CVE-2023-22809, a vulnerability in sudoedit that allows privilege escalation. The script checks for sudoedit permissions and attempts to edit the /etc/sudoers file using vim, leveraging the vulnerability to gain elevated privileges.
Classification
Working Poc 90%
Target:
sudo (sudoedit)
Auth required
Prerequisites:
User must have sudoedit permissions
nomisec
SUSPICIOUS
by laxmiyamkolu · poc
https://github.com/laxmiyamkolu/SUDO-privilege-escalation
The repository claims to demonstrate CVE-2023-22809 (SUDO privilege escalation) but lacks actual exploit code, instead referencing external documents and scripts without providing technical details or code snippets.
Classification
Suspicious 90%
Target:
Sudo (unspecified version)
Auth required
Prerequisites:
Access to a vulnerable Sudo configuration · Local user access
nomisec
WORKING POC
by pashayogi · local
https://github.com/pashayogi/CVE-2023-22809
This repository contains a functional exploit for CVE-2023-22809, a privilege escalation vulnerability in sudo versions 1.8.0 to 1.9.12p1. The exploit checks for vulnerable sudo versions and user privileges, then leverages sudoedit to modify the sudoers file and gain root access.
Classification
Working Poc 95%
Target:
sudo 1.8.0 to 1.9.12p1
Auth required
Prerequisites:
User must have sudoedit or sudo -e privileges · Vulnerable sudo version installed
nomisec
STUB
by hello4r1end · poc
https://github.com/hello4r1end/patch_CVE-2023-22809
This repository contains a simple bash script to patch CVE-2023-22809 by installing an updated version of sudo. It does not include any exploit code or technical analysis of the vulnerability.
Target:
sudo (versions prior to 1.9.13p3)
Auth required
Prerequisites:
Linux-based system · wget installed · sudo privileges
vulncheck_xdb
WRITEUP
local
https://github.com/AdrianM756/CyberSec_Documentation
This repository contains a detailed technical writeup on CVE-2023-22809, a privilege escalation vulnerability in sudoedit. It explains the root cause, exploitation method, and includes a step-by-step demonstration of how to escalate privileges by modifying /etc/passwd.
Classification
Writeup 95%
Target:
sudo 1.8.0 - 1.9.12p1
Auth required
Prerequisites:
sudoedit access · user with sudoedit privileges
vulncheck_xdb
WORKING POC
local
https://github.com/spidoman/CVE-2023-22809-automated-python-exploits
This repository contains a functional Python script that automates the exploitation of CVE-2023-22809, a local privilege escalation vulnerability in sudo's sudoedit feature. The script checks for vulnerable sudo versions and verifies sudoedit privileges before attempting to escalate to root by modifying /etc/sudoers.
Classification
Working Poc 90%
Target:
sudo (versions 1.8, 1.9.0 to 1.9.3, 1.9.12p1)
Auth required
Prerequisites:
Vulnerable sudo version installed · User has sudoedit access with (root) or (ALL) privileges
metasploit
WORKING POC
EXCELLENT
by h00die, Matthieu Barjole, Victor Cutillas · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/sudoedit_bypass_priv_esc.rb
This Metasploit module exploits CVE-2023-22809, a privilege escalation vulnerability in sudoedit (sudo -e) that allows appending arbitrary entries to files processed by sudo, enabling root privilege execution. It targets Ubuntu 22.04 and 22.10 with specific sudo versions.
Classification
Working Poc 100%
Target:
sudo 1.8.0 through 1.9.12.p1 (Ubuntu 22.04/22.10)
Auth required
Prerequisites:
Local shell access · Sudoedit/sudo -e permissions on a file · Ubuntu 22.04 or 22.10