CVE-2023-34598

Tags: CRITICAL · EXPLOITED · NUCLEI

Gibbon v25.0.0 - Local File Inclusion via Path Traversal

Title source: llm

Exploitation Summary

CVE-2023-34598 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 3 public exploits from researchers including maddsec, Lserein, and Zer0F8th. A Nuclei detection template is also available.

AI-analyzed exploit summary: The repository provides a writeup for CVE-2023-34598, detailing a Local File Inclusion (LFI) vulnerability in Gibbon v25.0.0. The exploit involves manipulating the 'q' parameter to include local files in the server's response, though it is limited to non-PHP files within the installation directory.

Description

Gibbon v25.0.0 is vulnerable to a Local File Inclusion (LFI) where it's possible to include the content of several files present in the installation folder in the server's response.

Exploits (3)

nomisec · WRITEUP · 3 stars
by maddsec · infoleak
https://github.com/maddsec/CVE-2023-34598

The repository provides a writeup for CVE-2023-34598, detailing a Local File Inclusion (LFI) vulnerability in Gibbon v25.0.0. The exploit involves manipulating the 'q' parameter to include local files in the server's response, though it is limited to non-PHP files within the installation directory.

Classification: Writeup (90%)
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: Gibbon v25.0.0
Authentication: No auth needed
Prerequisites: Access to the vulnerable endpoint · Knowledge of target file paths
Analyzed by devstral-2 on Feb 16, 2026
nomisec · SCANNER · 1 star
by Lserein · infoleak
https://github.com/Lserein/CVE-2023-34598

This PoC is a simple scanner for CVE-2023-34598, a local file inclusion vulnerability in Gibbon. It checks for the presence of the vulnerability by attempting to access a local SQL file via a crafted URL.

Classification: Scanner (90%)
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: Gibbon (version not specified)
Authentication: No auth needed
Prerequisites: Target URL or list of URLs
Analyzed by devstral-2 on Feb 16, 2026
nomisec · WORKING POC
by Zer0F8th · infoleak
https://github.com/Zer0F8th/CVE-2023-34598

This Python script exploits CVE-2023-34598, a Local File Inclusion (LFI) vulnerability in Gibbon v25.0.0, by fetching the database dump via a crafted URL request. It includes functionality to scan targets and save extracted SQL data for analysis.

Classification: Working PoC (95%)
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: Gibbon v25.0.0
Authentication: No auth needed
Prerequisites: Python 3.x · requests library · network access to target
Analyzed by devstral-2 on Feb 16, 2026

Nuclei Templates (1)

Gibbon v25.0.0 - Local File Inclusion
CRITICAL · VERIFIED · by DhiyaneshDk
Shodan: http.favicon.hash:-165631681 || http.favicon.hash:"-165631681"
FOFA: icon_hash="-165631681"

References (1)

Core References (1)
Tags: Exploit, Third Party Advisory
https://github.com/maddsec/CVE-2023-34598

Scores

CVSS v3: 9.8
EPSS: 0.4486
EPSS Percentile: 98.6%
Attack Vector: NETWORK
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Source: Vulnrichment
Exploitation: poc
Automatable: yes
Technical Impact: total

Details

VulnCheck KEV: 2024-09-18
CWE: CWE-22 (Path Traversal)
Status: published
Products (1): gibbonedu/gibbon 25.0.00
Published: Jun 29, 2023
Tracked Since: Feb 18, 2026