CVE-2023-45158

CRITICAL LAB

Web2py < 2.24.1 - OS Command Injection

Title source: rule

Description

An OS command injection vulnerability exists in web2py 2.24.1 and earlier. When the product is configured to use notifySendHandler for logging (not the default configuration), a crafted web request may execute an arbitrary OS command on the web server running the product.

Exploits (2)

nomisec WORKING POC 4 stars
by yifanzhg · poc
https://github.com/yifanzhg/CVE-2023-45158
inthewild WORKING POC
poc
https://github.com/evan-zhangyf/cve-2023-45158

Scores

CVSS v3 9.8
EPSS 0.1503
EPSS Percentile 94.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Lab Environment

COMMUNITY
Community Lab
docker pull opensuse:latest

Details

CWE
CWE-78
Status published
Products (1)
web2py/web2py < 2.24.1
Published Oct 16, 2023
Tracked Since Feb 18, 2026