CVE-2023-32571

CRITICAL LAB

Dynamic Linq <1.3.0 - RCE

Title source: llm

Description

Dynamic Linq 1.0.7.10 through 1.2.25 before 1.3.0 allows attackers to execute arbitrary code and commands when untrusted input to methods including Where, Select, OrderBy is parsed.

Exploits (3)

nomisec WORKING POC 8 stars

by Tris0n · poc

https://github.com/Tris0n/CVE-2023-32571-POC

View Code ZIP pw:eip

nomisec WORKING POC

by SecTex · poc

https://github.com/SecTex/CVE-2023-32571

View Code ZIP pw:eip

nomisec WORKING POC

by vert16x · poc

https://github.com/vert16x/CVE-2023-32571-POC

View Code ZIP pw:eip

References (2)

[Product] https://github.com/zzzprojects/System.Linq.Dynamic.Core

[Exploit] https://research.nccgroup.com/2023/06/13/dynamic-linq-injection-remote-code-execution-vulnerability-cve-2023-32571/

Scores

CVSS v3 9.8

EPSS 0.7691

EPSS Percentile 99.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Lab Environment

COMMUNITY

Community Lab

docker pull mcr.microsoft.com/dotnet/sdk:7.0

docker pull mcr.microsoft.com/dotnet/aspnet:7.0

https://github.com/Tris0n/CVE-2023-32571-POC

https://github.com/vert16x/CVE-2023-32571-POC

https://github.com/SecTex/CVE-2023-32571

View in Library

Details

CWE

CWE-697

Status published

Products (2)

dynamic-linq/linq 1.0.7.10 - 1.2.25

nuget/System.Linq.Dynamic.Core 1.0.7.10 - 1.3.0NuGet

Published Jun 22, 2023

Tracked Since Feb 18, 2026