CVE-2023-48310

9.1 CRITICAL

📋 TL;DR

TestingPlatform versions before 2.1.1 have improper input validation that allows attackers to pass arbitrary nmap options and CIDR blocks. This enables denial of service by overwriting critical files as root and unauthorized network scanning. All users running affected versions are vulnerable.

💻 Affected Systems

Products:
  • TestingPlatform
Versions: All versions prior to 2.1.1
Operating Systems: Linux, Unix-based systems
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in default configuration; requires nmap integration feature.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Critical system files are overwritten as root, causing complete system failure, combined with network reconnaissance that enables further attacks.

🟠 Likely Case

Denial of service through file corruption, and unauthorized network scanning of internal/external targets.

🟢 If Mitigated

Limited impact with proper network segmentation and file permission controls.

🌐 Internet-Facing: HIGH - Directly exploitable via web interface with no authentication required.
🏢 Internal Only: HIGH - Even internal instances can be abused for network scanning and DoS.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Simple command injection via nmap parameters; no authentication required.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.1.1

Vendor Advisory: https://github.com/NC3-LU/TestingPlatform/security/advisories/GHSA-9fhc-f3mr-w6h6

Restart Required: Yes

Instructions:

1. Backup current configuration.
2. Download version 2.1.1 from GitHub releases.
3. Replace existing installation with patched version.
4. Restart TestingPlatform service.

🔧 Temporary Workarounds

Restrict nmap options (all platforms)

Configure TestingPlatform to accept only specific, safe nmap parameters.

Edit the configuration to whitelist allowed nmap flags only.
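An added example of what such a restriction can look like in Python. It is not TestingPlatform's code and not the 2.1.1 fix. The names validate_target, build_nmap_argv, RejectedTarget and FIXED_NMAP_FLAGS, and the flag set itself, are assumptions made for illustration. Going one step further than a flag whitelist, it accepts no flags from the user at all and only lets a single host through as the target, which rejects both injected options and CIDR blocks:

```python
import ipaddress
import re

# Operator-chosen flags (assumed profile for this example); user input never adds to them.
FIXED_NMAP_FLAGS = ["-sV", "-oX", "-"]

# One DNS label: letters, digits, hyphens; never starts or ends with a hyphen.
_LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")


class RejectedTarget(ValueError):
    """The submitted scan target is not exactly one host."""


def validate_target(raw: str) -> str:
    """Return a normalised single-host target or raise RejectedTarget."""
    if not isinstance(raw, str) or not raw or len(raw) > 253:
        raise RejectedTarget("empty or oversized target")
    # '/' marks a CIDR block or a file path; whitespace hints at extra arguments.
    if "/" in raw or any(ch.isspace() for ch in raw):
        raise RejectedTarget("CIDR block, path or whitespace in target")
    try:
        return str(ipaddress.ip_address(raw))  # a single literal address
    except ValueError:
        pass
    labels = raw.rstrip(".").lower().split(".")
    if len(labels) < 2 or not all(_LABEL.match(label) for label in labels):
        raise RejectedTarget("not a hostname or IP address")  # also catches '-oN'
    # nmap expands octet ranges such as 10.0.0-255.1, so the last label
    # must look like a TLD (start with a letter), not like a number.
    if not labels[-1][0].isalpha():
        raise RejectedTarget("numeric range is not a single host")
    return ".".join(labels)


def build_nmap_argv(raw_target: str) -> list[str]:
    """Argv list for subprocess.run(argv), i.e. no shell and no string joining."""
    return ["nmap", *FIXED_NMAP_FLAGS, validate_target(raw_target)]
```

Rejections raise RejectedTarget, so the calling view can log the submitted value and return an error without ever starting nmap.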

File permission hardening (Linux)

Set restrictive permissions on directories where log files could be created:

chmod 755 /var/log/testingplatform
chown testingplatform:testingplatform /var/log/testingplatform

🧯 If You Can't Patch

  • Disable TestingPlatform's nmap scanning feature entirely
  • Implement strict network segmentation to limit scanning capabilities

🔍 How to Verify

Check if Vulnerable:

Check the TestingPlatform version; any version below 2.1.1 is vulnerable. Test by attempting to pass the nmap option -oN /etc/passwd.

Check Version:

testingplatform --version, or check the package manager

Verify Fix Applied:

After upgrading to 2.1.1, attempt to pass malicious nmap options; they should be rejected.

📡 Detection & Monitoring

Log Indicators:

  • Unusual nmap commands in TestingPlatform logs
  • File creation in unexpected locations
  • Network scanning from TestingPlatform server

Network Indicators:

  • Unexpected nmap scans originating from TestingPlatform server
  • Traffic to unusual CIDR blocks

SIEM Query:

source="testingplatform" AND (command="-oN" OR cidr="0.0.0.0/0")
