CVE-2023-36934
CRITICAL EXPLOITED NUCLEIProgress MOVEit Transfer < 12.1.11 - Unauthenticated SQL Injection
Title source: llmExploitation Summary
CVE-2023-36934 has been observed exploited in the wild (reported by VulnCheck KEV). A Nuclei detection template is also available.
Description
In Progress MOVEit Transfer before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4), a SQL injection vulnerability has been identified in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain unauthorized access to the MOVEit Transfer database. An attacker could submit a crafted payload to a MOVEit Transfer application endpoint that could result in modification and disclosure of MOVEit database content.
Nuclei Templates (1)
MOVEit Transfer - SQL Injection
CRITICALVERIFIEDby rootxharsh,iamnoooob,pdresearch
Shodan:
http.favicon.hash:989289239
FOFA:
icon_hash=989289239
References (2)
Core 2
Core References
Patch, Release Notes, Third Party Advisory
https://community.progress.com/s/article/MOVEit-Transfer-2020-1-Service-Pack-July-2023
Product
https://www.progress.com/moveit
Scores
CVSS v3
9.1
EPSS
0.9484
EPSS Percentile
99.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
VulnCheck KEV
2023-12-04
CWE
CWE-89
Status
published
Products (1)
progress/moveit_transfer
< 12.1.11
Published
Jul 05, 2023
Tracked Since
Feb 18, 2026