## shodan dorks
You can use the following shodan dorks to find public targets.
You can use the following to transform data from shodan API to format suitable for the checking script:
jq -cr 'select(.http.favicon.hash == 362091310) | [ if .ssl? then "https://" else "http://" end , (.ip_str) + ":" + (.port|tostring)] | add' example.json > your_data_file.txt
- clone the repository
- `./CVE-2023-35078.sh http[s]://your.target:port` (define both protocol and target port)
If you want to test multiple targets, you can simply wrap it up with a loop:
`while read line; do ./CVE-2023-35078.sh $line; done < your_data_file.txt`
## additional info about the vuln
## details about vulnerable/patched versions
> This vulnerability impacts all supported versions – Version 11.4 releases 11.10, 11.9 and 11.8. Older versions/releases are also at risk.
> you can fix the vulnerability by upgrading to EPMM versions 126.96.36.199, 188.8.131.52, and 184.108.40.206. These fixed versions also cover unsupported and End-of-Life (EoL) software versions that are lower than 220.127.116.11.