CVE-2023-47102

MEDIUM

UrBackup Server 2.5.31 - User Enumeration via Login Failure Message

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-47102. PoCs published by quantiano.

AI-analyzed exploit summary The repository contains only a minimal README with no technical details or exploit code. It appears to be a placeholder or stub with no substantive content related to CVE-2023-47102.

Description

UrBackup Server 2.5.31 allows brute-force enumeration of user accounts because a failure message confirms that a username is not valid.

Exploits (1)

nomisec STUB

by quantiano · poc

https://github.com/quantiano/cve-2023-47102

View Code ZIP pw:eip

The repository contains only a minimal README with no technical details or exploit code. It appears to be a placeholder or stub with no substantive content related to CVE-2023-47102.

Classification

Stub 90%

Attack Type

Other

Complexity

Trivial

Reliability

Theoretical

Target: unknown

No auth needed

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit, Third Party Advisory

https://quantiano.github.io/cve-2023-47102/

Various Sources

https://nitipoom-jaroonchaipipat.github.io/security-research-portal/2023-47102

Scores

CVSS v3 5.3

EPSS 0.0063

EPSS Percentile 45.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-203

Status published

Products (1)

urbackup/urbackup_server 2.5.31

Published Nov 07, 2023

Tracked Since Feb 18, 2026