CVE-2023-34598
Published: 2023-06-29
Priority: P1 · 85
Severity: critical · 9.8 (CVSS 3.1) · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Tags: ITW · Exploit · VulnCheck KEV
Exploited in the wild
EPSS: 47.24% (98.7th percentile)
Gibbon v25.0.0 is vulnerable to a Local File Inclusion (LFI) where it's possible to include the content of several files present in the installation folder in the server's response.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| gibbonedu | gibbon | — | — |
Detection & IOCs (extracted from sources)
- HTTP GET request to /?q=./gibbon.sql; a 200 response whose body contains both 'phpMyAdmin SQL Dump' and 'gibbon' confirms that the gibbon.sql installation file was included, i.e. successful exploitation of the LFI.
- Identify exposed Gibbon installations via the Shodan favicon hash -165631681 (FOFA: icon_hash -165631681) to find potentially vulnerable targets.
- Response-body keyword match: the presence of both 'phpMyAdmin SQL Dump' and 'gibbon' in an HTTP response body indicates the SQL dump file was included and returned; the same pair can be used passively on captured responses.
- The vulnerability is stated against Gibbon v25.0.0; the LFI is triggered through the 'q' query parameter, which Gibbon uses for routing and which here accepts a path to a file inside the installation folder.
- The template only probes gibbon.sql, but the description says 'several files' in the installation folder are includable, so other paths may be exploitable; a hit on gibbon.sql is a sufficient indicator, its absence is not proof that the host is unaffected.
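As an added example (not code from the page's sources, from the Nuclei project or from Gibbon), the following Python reproduces the template's decision logic offline and applies the same indicators to web-server access logs. The probe path and the two body markers come from the IOCs above; the `probe()` helper, the Apache/nginx combined log format, the `q=` heuristics and the sample log lines and response body are assumptions constructed for the example.

```python
import re
import urllib.request
from urllib.error import HTTPError
from urllib.parse import parse_qs, unquote, urlsplit

# Indicators from the page: the probe path sent by the Nuclei template and the
# two body strings it requires alongside an HTTP 200.
PROBE_PATH = "/?q=./gibbon.sql"
BODY_MARKERS = ("phpMyAdmin SQL Dump", "gibbon")


def is_lfi_hit(status, body):
    """Same decision the template makes: status 200 AND both markers present in the body."""
    return status == 200 and all(marker in body for marker in BODY_MARKERS)


def probe(base_url, timeout=10):
    """Send the template's probe to a live host and evaluate it with is_lfi_hit().

    Hypothetical helper, not part of the template. Only use it against systems
    you are authorised to test.
    """
    url = base_url.rstrip("/") + PROBE_PATH
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return is_lfi_hit(resp.status, resp.read().decode("utf-8", "replace"))
    except HTTPError as err:  # non-2xx responses carry a body too, but can never be a hit
        return is_lfi_hit(err.code, err.read().decode("utf-8", "replace"))


# Log-side detection. Assumption: Apache/nginx "combined" access-log format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) .*"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)
# Assumption (heuristic): legitimate Gibbon q= values are module routes such as
# /modules/Students/student_view.php. A leading "./", any "../" segment, or a .sql
# target does not belong there and matches the file-inclusion pattern on this page.
DOT_SEGMENT = re.compile(r"(^|/)\.{1,2}(/|$)")


def suspicious_q(target):
    """Return the decoded q= value if it looks like a file path rather than a module route, else None."""
    for raw in parse_qs(urlsplit(target).query).get("q", []):
        value = unquote(raw)  # parse_qs decoded once; a second unquote catches double encoding
        if DOT_SEGMENT.search(value) or value.lower().endswith(".sql"):
            return value
    return None


def scan_log(text):
    """Return (client_ip, decoded_q, status) for every request matching the LFI pattern.

    The status is reported but not used as a filter: a 404 still records an attempt,
    while a 200 for gibbon.sql is the success signal the template keys on.
    """
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        q = suspicious_q(m.group("target"))
        if q is not None:
            hits.append((m.group("ip"), q, int(m.group("status"))))
    return hits


# Constructed sample data (not captured traffic): one successful probe, one normal
# Gibbon page load, and one traversal attempt that the server rejected.
SAMPLE_LOG = """\
203.0.113.5 - - [29/Jun/2023:10:00:01 +0000] "GET /?q=./gibbon.sql HTTP/1.1" 200 48213 "-" "Mozilla/5.0"
203.0.113.5 - - [29/Jun/2023:10:00:02 +0000] "GET /index.php?q=%2Fmodules%2FStudents%2Fstudent_view.php HTTP/1.1" 200 9120 "-" "Mozilla/5.0"
198.51.100.7 - - [29/Jun/2023:10:00:03 +0000] "GET /?q=..%2F..%2Fconfig.php HTTP/1.1" 404 310 "-" "curl/8.0"
"""

# Constructed response body shaped like the head of a phpMyAdmin export.
SAMPLE_DUMP = "-- phpMyAdmin SQL Dump\n-- Database: `gibbon`\nCREATE TABLE `gibbonPerson` (\n"

if __name__ == "__main__":
    print("matcher on dump body:", is_lfi_hit(200, SAMPLE_DUMP))
    for ip, q, status in scan_log(SAMPLE_LOG):
        print(f"{ip} requested q={q!r} -> HTTP {status}")
```

The log scanner deliberately does not filter on status: the first sample line is the success case the template detects, the third is a failed attempt that is still worth alerting on. Because Gibbon routes every page through `q=`, matching on the parameter name alone would flood the alert queue; the dot-segment and `.sql` heuristics are what separate the inclusion pattern from normal navigation.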
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| NVD | v3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| VulnCheck | — | 9.8 | CRITICAL | — |
GHSA
GHSA-mrqc-wm68-8hhj: Gibbon v25 · unreviewed · 2023-06-29 · CVE-2023-34598 · CRITICAL · CWE-22
VulnCheck
gibbonedu gibbon: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') · 2023 · CVSS 9.8 · CRITICAL · CVE-2023-34598
Affected: gibbonedu gibbon
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://media.defense.gov/2024/Sep/18/2003547016/-1/-1/0/CSA-PRC-LINKED-ACTORS-BOTNET.PDF
Exploit PoC: https://vulncheck.com/xdb/fc4dda7d428f; https://vulncheck.com/xdb/65a29f2610aa; https://vulncheck.com/xdb/8df47c04babb
No detection rules found.
Nuclei
Gibbon v25.0.0 - Local File Inclusion · CVSS 9.8 · CRITICAL · CVE-2023-34598
Template:
```yaml
id: CVE-2023-34598

info:
  name: Gibbon v25.0.0 - Local File Inclusion
  author: DhiyaneshDk
  severity: critical
  description: |
    Gibbon v25.0.0 is vulnerable to a Local File Inclusion (LFI) vulnerability where it's possible to include the content of several files present in the installation folder in the server's response.
  impact: |
    The LFI vulnerability can lead to unauthorized access to sensitive files, potentially exposing sensitive information or allowing for further exploitation.
  remediation: |
    Upgrade to a patched version of Gibbon or apply the n
```
No writeups or analysis indexed.
Timeline: 2023-06-29 published · exploited in the wild