Share
## https://sploitus.com/exploit?id=CA624BE3-1731-55A5-81E3-F5EFC482806F
# reNgine 2.2.0 - Command Injection - CVE-2023-50094 

## Description

This Python script exploits an authenticated command injection vulnerability in reNgine 2.2.0. The exploit targets the `nmap_cmd` parameter in the Scan Engine configuration, allowing attackers to execute arbitrary commands.

## Features

- User-friendly command-line interface (CLI)
- Flexible input for base URL, credentials, and Scan Engine ID
- Automates exploitation for authenticated users

## Exploit Details

- **CVE ID**: TBD
- **Affected Version**: reNgine v2.2.0
- **Tested On**: macOS
- **Author on exploit-db**: Caner Tercan
- **Author of the POC**: Ziad (me)
- **Vendor URL**: [https://rengine.wiki/](https://rengine.wiki/)
- **Software Link**: [https://github.com/yogeshojha/rengine](https://github.com/yogeshojha/rengine)

## Prerequisites

1. A running instance of reNgine (v2.2.0).
2. Valid user credentials with access to the Scan Engine configuration.
3. Python 3.x with the `requests` library installed.

## Installation

1. Clone the repository:

   ```bash
   git clone https://github.com/example/rengine-exploit.git
   cd rengine-exploit
   pip install requests
   ```

2. Running the script:
   ```
   python poc.py --url http://rengine.target.com --username admin --password securepassword123 --engine-id 2
   ```