MinIO contains a vulnerability in a cluster deployment where MinIO returns all environment variables, which allows for information disclosure.
PoC: CVE-2023-28432
MinIO存在信息泄露漏洞,未经身份认证的远程攻击者通过发送特殊HTTP请求即可获取所有环境变量,其中包括MINIO_SECRET_KEY和MINIO_ROOT_PASSWORD,造成敏感信息泄露,最终可能导致攻击者以管理员身份登录MinIO
PoC: CVE-2023-28432
CVE-2023-28434 nuclei templates
PoC: MinIO_CVE-2023-28432
minio敏感信息泄露
PoC: CVE-2023-28432
CVE-2023-28432 POC
PoC: minio_unauth_check
CVE-2023-28432,minio未授权访问检测工具
PoC: CVE-2023-28432
MiniO verify interface sensitive information disclosure vulnerability (CVE-2023-28432)
PoC: CVE-2023-28432
PoC for CVE-2023-28432
PoC: CVE-2023-28432
MinIO vulnerability exploit - CVE-2023-28432
PoC: CVE-2023-28432
minio系统存在信息泄露漏洞,未经身份认证的远程攻击,通过发送特殊POST请求到/minio/bootstrap/v1/verify即可获取所有敏感信息,其中包括MINIO_SECRET_KEY和MINIO_ROOT_PASSWORD,可能导致管理员账号密码泄露。
PoC: CVE-2023-28432
CVE-2023-28432 Minio Information isclosure Exploit
PoC: minio-CVE-2023-28432-rce
https://github.com/AbelChe/evil_minio/tree/main 打包留存
PoC: CVE-2023-28432
Automated vulnerability scanner for CVE-2023-28432 in Minio deployments, revealing sensitive environment variables.
PoC: CVE-2023-28432
CVE-2023-28432检测工具
PoC: CVE-2023-28432
CVE-2023-28432检测工具
PoC: CVE-2023-28432-metasploit-scanner
MinIO Information Disclosure Vulnerability scanner by metasploit
PoC: CVE-2023-28432_docker
Test environments for CVE-2023-28432, information disclosure in MinIO clusters
PoC: CVE-2023-28432
CVE-2023-28432 MinIO敏感信息泄露检测脚本
PoC: Cve-2023-28432-
通过vulhub的复现过程实现了,基本的批量检测。比较垃圾但是勉强能用
Get alerted for CVEs like this
Register your stack and get notified within minutes when a matching CVE drops.
Start monitoring free