Exploitation Summary
CVE-2023-22809 has been observed exploited in the wild (reported by VulnCheck KEV).
EIP tracks 18 public exploits from researchers including n3m1.sys, n3m1sys, P4x1s, including a Metasploit module exploits/linux/local/sudoedit_bypass_priv_esc.
AI-analyzed exploit summary This exploit leverages CVE-2023-22809 in sudo versions 1.8.0 to 1.9.12p1 to escalate privileges by abusing sudoedit/sudo -e to modify the sudoers file. It checks for vulnerable sudo versions and exploitable user permissions before attempting privilege escalation.
Description
In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected versions are 1.8.0 through 1.9.12.p1. The problem exists because a user-specified editor may contain a "--" argument that defeats a protection mechanism, e.g., an EDITOR='vim -- /path/to/extra/file' value.
Exploits (18)
This exploit leverages CVE-2023-22809 in sudo versions 1.8.0 to 1.9.12p1 to escalate privileges by abusing sudoedit/sudo -e to modify the sudoers file. It checks for vulnerable sudo versions and exploitable user permissions before attempting privilege escalation.
This repository contains a functional exploit script for CVE-2023-22809, a sudo privilege escalation vulnerability. The script checks for vulnerable sudo versions and user privileges, then leverages sudoedit to modify the sudoers file for root access.
This exploit leverages CVE-2023-22809 in sudo versions 1.8.0 to 1.9.12p1, allowing local privilege escalation by abusing sudoedit/sudo -e to modify /etc/sudoers and gain root access. The script checks for vulnerable sudo versions and exploitable user permissions before guiding the attacker to add a malicious sudoers entry.
This repository contains a functional exploit for CVE-2023-22809, a local privilege escalation vulnerability in sudo versions 1.8.0 to 1.9.12p1. The exploit leverages the sudoedit feature to manipulate environment variables (SUDO_EDITOR, VISUAL, EDITOR) and append arbitrary files to gain root access.
The repository contains a functional exploit for CVE-2023-22809, a privilege escalation vulnerability in sudo versions 1.8.0 to 1.9.12p1. The exploit checks if the current user can run sudoedit or sudo -e as root, then opens the sudoers file to allow the attacker to add a line granting full privileges.
This repository contains functional Python and Bash scripts designed to exploit CVE-2023-22809, a privilege escalation vulnerability in sudo versions 1.8.0 through 1.9.12p1. The exploit leverages improper handling of sudoedit or sudo -e commands to escalate privileges by manipulating environment variables like SUDO_EDITOR, VISUAL, and EDITOR.
This repository contains a functional exploit for CVE-2023-22809, a vulnerability in sudo's sudoedit command that allows local privilege escalation to root. The script checks the sudo version, verifies exploitable sudo privileges, and guides the user to modify the sudoers file via vim to achieve root access.
This repository contains functional exploit scripts for CVE-2023-22809, a sudoedit vulnerability allowing local privilege escalation by manipulating environment variables (SUDO_EDITOR, VISUAL, EDITOR) to bypass sudoers policy restrictions. The exploits modify /etc/passwd or /etc/sudoers to achieve root access.
This repository contains a functional Python script that automates the exploitation of CVE-2023-22809, a local privilege escalation vulnerability in sudo's sudoedit feature. The script checks for vulnerable sudo versions and verifies sudoedit privileges before attempting to escalate to root by modifying /etc/sudoers.
The repository contains functional exploit code for multiple CVEs, including CVE-2023-22809 (sudoedit), CVE-2019-0232 (Tomcat CGI), and CVE-2019-10945 (Joomla). The exploits demonstrate remote code execution (RCE) and directory traversal vulnerabilities with clear usage instructions.
This repository contains a functional exploit for CVE-2023-22809, a vulnerability in sudoedit that allows privilege escalation. The script checks for sudoedit permissions and attempts to edit the /etc/sudoers file using vim, leveraging the vulnerability to gain elevated privileges.
The repository claims to demonstrate CVE-2023-22809 (SUDO privilege escalation) but lacks actual exploit code, instead referencing external documents and scripts without providing technical details or code snippets.
This repository contains a functional exploit for CVE-2023-22809, a privilege escalation vulnerability in sudo versions 1.8.0 to 1.9.12p1. The exploit checks for vulnerable sudo versions and user privileges, then leverages sudoedit to modify the sudoers file and gain root access.
This repository contains a simple bash script to patch CVE-2023-22809 by installing an updated version of sudo. It does not include any exploit code or technical analysis of the vulnerability.
This repository contains a detailed technical writeup on CVE-2023-22809, a privilege escalation vulnerability in sudoedit. It explains the root cause, exploitation method, and includes a step-by-step demonstration of how to escalate privileges by modifying /etc/passwd.
This repository contains a functional Python script that automates the exploitation of CVE-2023-22809, a local privilege escalation vulnerability in sudo's sudoedit feature. The script checks for vulnerable sudo versions and verifies sudoedit privileges before attempting to escalate to root by modifying /etc/sudoers.
This Metasploit module exploits CVE-2023-22809, a privilege escalation vulnerability in sudoedit (sudo -e) that allows appending arbitrary entries to files processed by sudo, enabling root privilege execution. It targets Ubuntu 22.04 and 22.10 with specific sudo versions.
References (14)
Scores
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H