CVE-2023-3722

HIGH EXPLOITED NUCLEI

Avaya Aura Device Services < 8.1.4.0 - Remote Code Execution via Malicious File Upload

Title source: llm

Exploitation Summary

CVE-2023-3722 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including pizza-power. A Nuclei detection template is also available.

AI-analyzed exploit summary: This Python script exploits CVE-2023-3722, an unrestricted file upload vulnerability in Avaya Aura Device Services, by uploading a malicious PHP file via a PUT request and executing it via a GET request to achieve remote code execution (RCE). The script generates a random filename to bypass basic detection and allows custom command execution through the --query argument.

Description

An OS command injection vulnerability was found in the Avaya Aura Device Services Web application which could allow remote code execution as the Web server user via a malicious uploaded file. This issue affects Avaya Aura Device Services version 8.1.4.0 and earlier.

Exploits (1)

nomisec WORKING POC 2 stars
by pizza-power · remote
https://github.com/pizza-power/CVE-2023-3722

Classification: Working PoC 95%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Avaya Aura Device Services
No auth needed
Prerequisites: Network access to the target Avaya Aura Device Services instance · Target must be vulnerable to CVE-2023-3722
devstral-2 · analyzed Feb 16, 2026

Nuclei Templates (1)

Avaya Aura Device Services - OS Command Injection
HIGH · VERIFIED · by iamnoooob, pdresearch
Shodan: html:"Avaya Aura&reg;&nbsp;Utility Services"
FOFA: body="Avaya Aura&reg;&nbsp;Utility Services"

Scores

CVSS v3 8.6
EPSS 0.0333
EPSS Percentile 87.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

VulnCheck KEV 2023-08-17
CWE CWE-434
Status published
Products (1)
avaya/aura_device_services < 8.1.4.0
Published Jul 19, 2023
Tracked Since Feb 18, 2026