Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2023-28432

Description

Minio is a Multi-Cloud Object Storage framework. In a cluster deployment starting with RELEASE.2019-12-17T23-16-33Z and prior to RELEASE.2023-03-20T20-16-18Z, MinIO returns all environment variables, including `MINIO_SECRET_KEY`and `MINIO_ROOT_PASSWORD`, resulting in information disclosure. All users of distributed deployment are impacted. All users are advised to upgrade to RELEASE.2023-03-20T20-16-18Z.

POC

Reference

- https://www.greynoise.io/blog/openai-minio-and-why-you-should-always-use-docker-cli-scan-to-keep-your-supply-chain-clean

Github

- https://github.com/0day404/HV-2024-POC

- https://github.com/0day404/vulnerability-poc

- https://github.com/0x783kb/Security-operation-book

- https://github.com/0xRulez/CVE-2023-28432

- https://github.com/12442RF/POC

- https://github.com/20142995/Goby

- https://github.com/20142995/nuclei-templates

- https://github.com/20142995/sectool

- https://github.com/ARPSyndicate/cvemon

- https://github.com/AbelChe/evil_minio

- https://github.com/AboSteam/POPC

- https://github.com/Awrrays/FrameVul

- https://github.com/BitWiz4rd/CVE-2023-28432

- https://github.com/C1ph3rX13/CVE-2023-28432

- https://github.com/CHINA-china/MinIO_CVE-2023-28432_EXP

- https://github.com/CVEDB/awesome-cve-repo

- https://github.com/CVEDB/top

- https://github.com/Chocapikk/CVE-2023-28432

- https://github.com/Cuerz/CVE-2023-28432

- https://github.com/DMW11525708/wiki

- https://github.com/Farhan7045/Skyfall

- https://github.com/Henry4E36/POCS

- https://github.com/J1ezds/Vulnerability-Wiki-page

- https://github.com/KayCHENvip/vulnerability-poc

- https://github.com/LHXHL/Minio-CVE-2023-28432

- https://github.com/Lern0n/Lernon-POC

- https://github.com/Linxloop/fork_POC

- https://github.com/Loginsoft-LLC/Linux-Exploit-Detection

- https://github.com/Loginsoft-Research/Linux-Exploit-Detection

- https://github.com/Majus527/MinIO_CVE-2023-28432

- https://github.com/Mr-xn/CVE-2023-28432

- https://github.com/MzzdToT/CVE-2023-28432

- https://github.com/NET-Flowers/CVE-2023-28432

- https://github.com/Okaytc/minio_unauth_check

- https://github.com/Ostorlab/KEV

- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors

- https://github.com/Romanc9/Gui-poc-test

- https://github.com/SrcVme50/Skyfall

- https://github.com/TaroballzChen/CVE-2023-28432-metasploit-scanner

- https://github.com/Threekiii/Awesome-POC

- https://github.com/Threekiii/CVE

- https://github.com/Threekiii/Vulhub-Reproduce

- https://github.com/TrojanAZhen/Self_Back

- https://github.com/WhosGa/MyWiki

- https://github.com/XiaomingX/awesome-poc-for-red-team

- https://github.com/Yuan08o/pocs

- https://github.com/acheiii/CVE-2023-28432

- https://github.com/admin772/POC

- https://github.com/adminlove520/pocWiki

- https://github.com/adysec/POC

- https://github.com/atk7r/Taichi

- https://github.com/bakery312/Vulhub-Reproduce

- https://github.com/bingtangbanli/CVE-2023-28432

- https://github.com/bingtangbanli/VulnerabilityTools

- https://github.com/cc8700619/poc

- https://github.com/cisp-pte/POC-20241008-sec-fork

- https://github.com/d4n-sec/d4n-sec.github.io

- https://github.com/eeeeeeeeee-code/POC

- https://github.com/fhAnso/CVE-2023-28432

- https://github.com/gmh5225/Awesome-ML-Security_

- https://github.com/gnarkill78/CSA_S2_2024

- https://github.com/gobysec/CVE-2023-28432

- https://github.com/google/tsunami-security-scanner-plugins

- https://github.com/greenberglinken/2023hvv_1

- https://github.com/h0ng10/CVE-2023-28432_docker

- https://github.com/hktalent/TOP

- https://github.com/iemotion/POC

- https://github.com/izj007/wechat

- https://github.com/just-a-confused-seal/infrastructure_security

- https://github.com/komodoooo/Some-things

- https://github.com/komodoooo/some-things

- https://github.com/laoa1573/wy876

- https://github.com/netuseradministrator/CVE-2023-28432

- https://github.com/nomi-sec/PoC-in-GitHub

- https://github.com/oLy0/Vulnerability

- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main

- https://github.com/peiqiF4ck/WebFrameworkTools-5.5

- https://github.com/peiqiF4ck/WebFrameworkTools-5.5-enhance

- https://github.com/plzheheplztrying/cve_monitor

- https://github.com/soxoj/information-disclosure-writeups-and-pocs

- https://github.com/steponeerror/Cve-2023-28432-

- https://github.com/trailofbits/awesome-ml-security

- https://github.com/unam4/CVE-2023-28432-minio_update_rce

- https://github.com/whoami13apt/files2

- https://github.com/wjlin0/poc-doc

- https://github.com/wooluo/POC00

- https://github.com/wy876/POC

- https://github.com/wy876/wiki

- https://github.com/xk-mt/CVE-2023-28432

- https://github.com/yTxZx/CVE-2023-28432

- https://github.com/yuyongxr/minio_cve-2023-28432