CVE-2023-54335

CriticalPublic PoC

Published: 13 January 2026

Published

13 January 2026

Modified

03 February 2026

KEV Added

—

Patch

—

CVSS Score 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0059 69.4th percentile

Risk Priority 20 60% EPSS · 20% KEV · 20% CVSS

Description

eXtplorer 2.1.14 contains an authentication bypass vulnerability that allows attackers to login without a password by manipulating the login request. Attackers can exploit this flaw to upload malicious PHP files and execute remote commands on the vulnerable file management system.

Mitigating Controls (NIST 800-53 r5)AI

IA-2 Identification and Authentication (Organizational Users) good match

prevent

IA-2 requires robust identification and authentication for organizational users, directly preventing authentication bypass vulnerabilities like manipulating login requests in eXtplorer.

SI-10 Information Input Validation good match

prevent

SI-10 enforces information input validation, blocking manipulation of login requests that enable passwordless access.

SI-2 Flaw Remediation good match

prevent

SI-2 mandates timely flaw remediation, ensuring the specific authentication bypass in eXtplorer 2.1.14 is patched to stop exploitation.

Security SummaryAI

CVE-2023-54335 is an authentication bypass vulnerability affecting eXtplorer 2.1.14, a file management system. The flaw enables attackers to log in without a password by manipulating the login request, as detailed in the CVE description. It is rated critical with a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and maps to CWE-306 (Missing Authentication for Critical Function).

Remote attackers require no privileges, user interaction, or special access to exploit this vulnerability over the network with low complexity. Upon bypassing authentication, attackers can upload malicious PHP files to the vulnerable file management system, achieving remote code execution on the server.

Advisories such as the VulnCheck report on the authentication bypass and remote code execution provide further technical details, while a proof-of-concept exploit is available on Exploit-DB (ID 51067). Practitioners should review the eXtplorer website (extplorer.net) and referenced sources for any patch or mitigation guidance. The CVE was published on 2026-01-13.

Details

CWE(s): CWE-306

Affected Products

extplorer

≤ 2.1.14

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access

Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

attack.mitre.org →

Why these techniques?

The vulnerability is an authentication bypass in a public-facing web-based file management system (eXtplorer), enabling remote unauthenticated attackers to gain access and upload malicious PHP files for RCE, directly facilitating T1190: Exploit Public-Facing Application.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References

https://extplorer.net/
Product · disclosure@vulncheck.com
https://www.exploit-db.com/exploits/51067
Exploit, Third Party Advisory · disclosure@vulncheck.com
https://www.vulncheck.com/advisories/extplorer-authentication-bypass-remote-code-execution-rce
Third Party Advisory · disclosure@vulncheck.com
https://www.exploit-db.com/exploits/51067
Exploit, Third Party Advisory · 134c704f-9b21-4f2e-91b3-4a467353bcc0