1. TOTOLINK A6000R 命令执行漏洞2. Sharp 多功能打印机 未授权访问漏洞3. 科讯一卡通管理系统dormitoryHealthRanking存在SQL注入漏洞4. 泛微E-Mobile-installOperate.do存在SSRF漏洞5. 科讯一卡通管理系统get_kq_tj_today存在SQL注入漏洞6. 天问物业ERP系统ContractDownLoad.aspx存在任意文件读取漏洞7. itsourcecodeTailoringManagementSystem代码执⾏漏洞(CVE- 2024-6970)8. TendaO3代码执⾏漏洞(CVE-2024-6963)9. SourceCodesterClinicsPatientManagementSystem信息泄露漏洞(CVE-2024-6968)10. H3C安全产品管理平台前台存在远程命令执⾏漏洞11. 金万维异速联云联应⽤系统存在远程命令执⾏漏洞12. 联想云盘存在任意用户登录漏洞13. 通达oa11.10前台存在SQL注入14. 海康威视综合安防系统ISecureCenter未授权代码执行15. ⽹御星云SSLVPN系统SQL注⼊16. 灵当crm存在⽂件写⼊漏洞17. 国泰新点oa协同系统前台任意⽂件上传漏洞18. 润乾报表存在⽂件上传漏洞19. 华磊科技物流-modifyInsurance-delay-pg-sql注⼊漏20. 有友NCquerygoodsgridbycode存在SQL注⼊漏洞21. 万⼾协同办公平台ezofficeDocumentEdit_unite. jspSQL注⼊漏洞22. 泛微e-cology任意⽂件写⼊23. 用友NC-Cloud blobRefClassSearch接口存在反序列化漏洞24. QM-vpn-download-client-任意文件读取25. Bazarr swaggerui 组件 目录穿越导致任意文件读取漏洞26. 海康威视综合安防管理平台detection前台远程命令执行27. 科讯校园一卡通管理系统 多处SQL注入致RCE漏洞28. 建文工程项目管理软件 SQL 注入漏洞
样本主题:医药商业报销.PIFSHA256:d3cf90433e96a46b8aee6da223caf20271fd9f861a10d9f3b194bfc55f88163bMD5:d07206e06447557c67330a0f979d2b2f相关IP或域名:media.jinsixian.cn、safari.qifudeng.com样本地址:https://i.3001.net/uploads/Up_imgs/20240724-3dc493f8e6a6da03403923801d5d131c.zip【样本解压密码:threatbook】解压后可改名还原
样本主题:情况说明.zipSHA256:b8482ce5063a6c61234784e5c4c519ac8ebf9e40405cc9e29019007ed4b5fb7eMD5:0c6e35c9f7db4e4f3db0f7ccf6e3f913攻击手法:域前置分析结论:CobaltStrike木马IP 地址:180.163.146.83、58.218.215.171、112.19.11.240、223.111.24.109域名/URL:itaoxiang.cn样本地址:https://i.3001.net/uploads/Up_imgs/20240724-a8c91bb2bf25100686e184ca10438e26.zip【样本解压密码:threatbook】解压后可改名还原
样本主题:2024重点保障安全意识培训参会人员名单.exeSHA256:2a7b1f4059f861f09a590ac245dfa9f3c6d355f2ea519917088307fdc6816992MD5:a5cb6cc1faed774049e5b3ae3913dc4cC2:110.41.46.45:9111攻击手法:Rust,、采用JoJoLoader进行加载分析结论:CobaltStrike木马IP 地址:110.41.46.45
样本主题:归档.zipSHA256:5055c31d9e7330e96a12e0dc4b27332061efd259f2da183ed62a5d87cf3a6604MD5:cbe45ba48370ce011f4840f967349420相关IP或域名:https://m.bala.iask.sina.com.cn:443/p/1klB4T6ua3qm攻击手法:域前置分析结论:CobaltStrike木马域名/URL:https://m.bala.iask.sina.com.cn:443/p/1klB4T6ua3qm
样本主题:个人简历.exeSHA256:ce023affa9339e438d9e66eddabbe0a27bdd5f84f1fdafea2a3990d258f995a5MD5:b397b38f37389fb7b6c4f410d5ca9db5C2:8.138.123.133:80分析结论:CobaltStrike木马IP 地址:8.138.123.133
红海云eHR kqFile.mob 任意文件上传
微步编号:XVE-2024-18114漏洞类型:文件上传漏洞平台:应用程序漏洞描述:红海eHR系统,聚焦人力资源管理痛点,打破传统eHR系统各功能模块数据割裂局限,为企业打造数据一体化、流程一体化、终端一体化的智能互联人力资源管理解决方案,构建业务闭环流畅、全局数据贯通、系统高度集成、权限规范可控的一站式人力资源管理数字化平台 红海云eHR kqFile.mob 接口存在任意文件上传漏洞,攻击者可以通过漏洞上传任意文件甚至木马文件,从而获取服务器权限。
微步编号:XVE-2024-18113漏洞类型:SQL注入漏洞平台:应用程序漏洞描述:WMS系统是借助条码、移动设备、互联网等技术实现仓库收、发、存等作业流程的自动化、和数字化的信息管理系统,旨在帮助客户解决库存分类管理和实时监控、仓库延迟录入和账务不符、仓储作业效率和作业合规、物料批次管理和库存库龄预警等问题,实现降低内部存货风险,提高企业的资金流转,促进产、销、供与财务端间的有效协同和提升仓库库容率和仓储运作效率的目标。 飞讯云WMS系统存在SQL注入,成功利用该漏洞可获取敏感信息,造成远程代码执行。
湖南众合百易信息技术有限公司 资产管理运营系统 comfileup.php 前台文件上传漏洞
微步编号:XVE-2024-18154漏洞类型:文件上传漏洞平台:应用程序漏洞描述:资管云存在一个前台文件上传漏洞,该漏洞源于/comfileup.php接口允许未授权用户上传php文件,攻击者能够利用该漏洞上传shell文件获取系统权限。
泛微e-cology9 /services/WorkPlanService 前台SQL注入漏洞
微步编号:XVE-2024-18112漏洞类型:SQL注入漏洞平台:应用程序漏洞描述:微e-cology是一套兼具企业信息门户、知识文档管理、工作流程管理、人力资源管理、客户关系管理、项目管理、财务管理、资产管理、供应链管理、数据中心功能的企业大型协同管理平台。泛微e-cology存在前台SQL注入,攻击者可利用该漏洞获取系统敏感信息,可能获取服务器权限,造成远程代码执行。
用友NC querygoodsgridbycode 前台SQL注入漏洞
微步编号:XVE-2024-18158漏洞类型:SQL注入漏洞平台:应用程序漏洞描述:用友NC是由用友公司开发的一套面向大型企业和集团型企业的管理软件产品系列。这一系列产品基于全球最新的互联网技术、云计算技术和移动应用技术,旨在帮助企业创新管理模式、引领商业变革。用友NC 的querygoodsgridbycode.json接口存在SQL注入漏洞,攻击者能够利用该漏洞获取敏感数据。
数字通云平台智慧政务 time SQL注入漏洞
微步编号:XVE-2024-18153漏洞类型:SQL注入漏洞平台:应用程序漏洞描述:数字通云平台智慧政务是一款专为政府部门设计的智能化办公系统,利用先进的技术为政务工作提供全面的数字化解决方案。数字通云平台智慧政务存在SQL注入漏洞,攻击者可利用该漏洞获取数据库敏感数据。
金和OA C6 GeneralXmlhttpPage.aspx SQL注入漏洞
微步编号:XVE-2024-18159漏洞类型:SQL注入漏洞平台:应用程序漏洞描述:金和网络是专业信息化服务商,为城市监管部门提供了互联网+监管解决方案,为企事业单位提供组织协同OA系统开发平台,电子政务一体化平台,智慧电商平台等服务。金和 OA C6 GeneralXmlhttpPage.aspx处id参数存在sql注入漏洞,攻击者能够利用该漏洞读取系统敏感信息。
通达OA V11.10 login.php SQL注入漏洞
微步编号:XVE-2024-18157漏洞类型:SQL注入漏洞平台:应用程序漏洞描述:通达OA(Office Anywhere网络智能办公系统)是由北京通达信科科技有限公司自主研发的协同办公自动化软件,是与中国企业管理实践相结合形成的综合管理办公平台。包括流程审批、行政办公、日常事务、数据统计分析、即时通讯、移动办公等,帮助广大用户降低沟通和管理成本,提升生产和决策效率。通达OA v11版本/ispirit/interface/login.php接口存在SQL注入漏洞,攻击者通过漏洞可以注入sql语句获取系统敏感信息。
赛蓝企业管理系统 GetJSFile 任意文件读取漏洞
微步编号:XVE-2024-18124漏洞类型:文件读取漏洞平台:应用程序漏洞描述:赛蓝企业管理系统是一款为企业提供全面管理解决方案的软件系统,它能够帮助企业实现精细化管理,提高效率,降低成本。系统集成了多种管理功能,包括但不限于项目管理、财务管理、采购管理、销售管理以及报表分析等,旨在为企业提供一站式的管理解决方案。该系统以先进的管理思想为引导,结合企业实际业务流程,通过信息化手段提升企业管理水平。赛蓝企业管理系统 GetJSFile接口处存在任意文件读取漏洞,未经身份验证攻击者可通过该漏洞读取系统重要文件(如数据库配置文件、系统配置文件)、数据库配置文件等等,导致网站处于极度不安全状态。
85.122.195.738.218.147.1847.102.135.18447.103.87.1246.246.4.1747.121.119.13047.97.111.15747.91.14.847.96.78.547.99.195.12352.250.30.17152.171.219.11160.204.133.19760.205.226.14662.234.219.12862.234.31.4747.99.68.17747.76.190.21747.76.109.13049.235.161.6443.143.151.82114.132.185.1708.137.55.598.217.119.86178.156.8.185178.128.219.7179.60.150.151185.208.158.228185.208.158.203185.200.190.202188.166.44.28192.198.36.172194.233.73.183193.26.115.222198.13.63.54202.95.14.6181.129.104.139185.172.128.6185.104.112.206185.69.153.72185.172.128.136188.214.122.88190.131.202.18193.111.125.200193.161.193.99198.7.121.101202.189.8.243202.9.39.9720.117.96.1012.56.10.8020.107.244.13520.203.178.15520.27.144.16020.250.17.24820.42.96.4920.2.85.1202.58.15.2392.58.56.6620.2.202.1520.208.136.1242.58.56.10920.250.21.15220.120.177.9920.64.84.120.68.131.22120.116.164.16020.212.232.5320.52.118.21020.77.132.13220.14.86.18020.185.50.3920.208.137.3020.163.182.12.58.56.392.59.135.1412.89.135.2920.205.107.24920.224.227.3020.0.145.15520.86.134.8620.189.26.100200.130.16.1201.13.179.81201.68.248.50202.100.1.134202.182.125.24202.182.107.128202.44.54.13202.61.230.102202.94.68.20202.95.15.212202.95.12.132203.100.10.99202.95.15.62202.95.14.23203.205.6.67201.110.234.97202.67.153.234202.95.15.100202.232.122.150202.232.122.158202.28.3.104202.9.39.96202.51.172.154202.79.168.65202.79.172.241202.61.141.147202.61.141.166202.61.141.168202.61.196.208202.61.205.19202.29.215.114203.131.220.25203.135.104.10203.135.98.31203.167.15.139203.195.210.28203.195.66.14203.33.207.142203.219.47.198203.248.44.99203.25.119.141203.253.95.1482.57.122.722.57.149.8420.56.35.16620.56.70.24520.73.155.18320.82.116.12220.82.117.17820.82.142.15420.75.52.15120.83.148.2220.85.220.10020.89.240.226200.171.101.169200.107.35.154200.156.28.37200.237.77.176200.66.43.158201.1.205.208201.13.174.209200.9.154.160200.58.103.229201.163.238.117201.186.58.102201.243.95.21201.68.246.7201.27.180.43202.133.88.95202.176.74.148202.144.194.110202.154.57.243201.95.131.210202.112.238.106202.125.94.123202.189.226.148202.189.5.24202.189.9.234202.146.222.171202.170.127.71202.181.148.28202.182.106.220.237.62.658.210.135.6181.70.246.23094.232.46.5494.156.69.22743.248.118.2043.136.56.15645.195.52.16989.117.94.85208.85.18.159209.141.46.83209.38.16.93210.56.49.228209.151.148.1683.20.96.224101.43.252.53146.190.118.60202.61.85.5794.131.3.10543.142.138.4542.51.43.23545.76.178.20045.88.186.14747.238.156.19745.195.148.1945.182.189.10245.196.31.21145.204.153.24945.207.58.18545.207.58.7945.195.148.18745.207.36.3345.207.36.4545.207.55.245.207.38.7145.195.148.10745.207.58.19145.207.49.9845.204.82.15645.207.55.21845.207.39.12045.227.255.16445.32.196.11045.79.252.15345.32.202.20345.32.254.7945.250.197.4545.250.197.4445.55.51.11745.79.205.1445.66.231.15045.8.146.3245.55.131.6345.32.169.18745.76.97.6845.58.56.3445.63.87.19945.77.176.12945.83.31.11345.40.96.9745.76.151.3045.77.24.23145.77.18.12745.76.176.14745.77.169.22245.93.20.24246.246.14.2246.246.80.1546.246.82.446.246.80.945.9.148.12345.91.226.16346.147.242.22446.226.105.16745.86.228.5345.88.90.22445.88.186.4345.88.186.16846.246.6.2046.246.6.2146.246.80.2245.90.220.18546.246.80.2045.88.91.16845.88.186.22845.86.162.15846.246.86.1645.91.226.24846.101.118.1146.197.224.20145.90.223.11345.88.186.15146.106.94.1745.43.37.21945.227.254.11545.195.148.5845.227.254.2245.227.254.445.248.10.7245.251.10.19645.32.100.15645.32.105.19445.32.108.2645.32.124.19545.32.125.17245.32.173.19645.32.233.3845.32.52.8445.33.103.1345.56.91.5545.41.187.22045.61.135.18045.61.136.15045.61.136.16945.61.138.945.67.229.11945.63.120.20345.63.86.20345.63.92.11245.63.99.5045.64.206.7445.33.116.11045.55.36.21645.55.38.4045.9.148.15045.9.148.19245.9.148.20645.9.188.1145.83.31.12745.83.31.17745.83.31.1945.83.31.24145.84.1.22745.9.148.12946.4.174.7046.4.37.21246.34.149.15646.148.26.7246.148.26.8846.19.139.17846.117.10.13745.9.63.1945.92.1.11045.76.172.945.76.180.15245.76.181.22045.76.232.24745.93.201.10345.94.31.10345.94.31.12446.101.81.12746.101.140.22846.101.49.18246.101.94.10246.101.97.13345.95.174.3945.76.46.6445.77.17.12545.77.172.24045.77.199.1545.77.200.16045.77.255.16945.77.30.15245.79.198.1845.79.207.5345.79.211.5545.8.146.12445.8.99.21545.80.158.2245.86.162.14945.86.228.12545.87.247.6345.88.186.1245.88.186.12545.88.186.14145.88.186.19745.88.186.24145.88.186.6245.8.145.15845.81.39.11145.95.174.25346.196.236.2146.212.119.10146.243.186.7546.246.12.1246.246.12.246.246.80.1246.246.80.1346.246.80.1446.246.82.2146.246.84.446.249.38.21146.249.99.7246.222.50.5145.88.9.10045.88.91.15745.89.233.12945.88.90.3045.88.91.14747.100.0.18147.100.126.23547.100.182.8845.61.161.10847.76.186.6646.8.237.24747.101.170.1747.104.179.21847.104.20.19547.103.23.21647.100.85.7847.120.45.9447.120.46.17047.120.46.19547.120.46.21047.120.50.23447.120.52.16147.120.19.24347.120.49.10947.120.49.11547.120.19.5647.120.20.8247.120.22.5947.120.23.8247.120.30.9047.120.32.4647.120.35.16747.120.35.18347.120.40.2747.120.41.13747.120.42.25547.104.139.10947.120.10.21647.120.11.6047.120.16.25547.120.17.17747.120.18.19747.120.60.20147.100.187.10247.100.196.5847.100.87.17747.101.147.12147.101.37.4647.102.106.15547.102.137.18447.103.122.6747.103.20.23247.103.218.3547.103.3.20047.103.30.9047.103.39.4347.103.75.1547.103.8.15347.104.133.747.104.140.7947.104.2.4647.100.90.17947.101.181.19547.101.190.2047.102.102.15147.115.230.15947.115.79.7747.116.125.18047.116.170.6147.116.178.21547.116.187.2747.116.198.1647.116.208.6547.116.211.2947.116.213.13747.116.222.10847.116.25.20847.116.27.9247.116.33.20347.117.156.2247.117.174.19847.76.128.21847.100.180.12347.102.156.24747.100.229.20747.108.215.21647.100.244.16647.120.12.22847.117.156.1047.120.39.18247.120.45.7047.118.56.13247.108.253.7547.113.151.3647.113.226.23447.108.130.11247.108.254.14947.109.134.13147.113.191.8847.113.202.3247.120.17.7647.115.208.1147.113.144.8747.109.192.1047.109.28.13947.109.148.6247.109.178.6347.109.186.17947.109.29.3747.109.44.7947.109.48.19347.109.49.22947.109.55.15147.109.58.20547.109.70.20247.110.143.12247.109.100.12747.109.106.16247.109.109.24547.120.61.13447.120.63.12047.120.63.21147.120.67.16347.120.8.8647.121.112.23547.121.129.11247.113.219.19347.113.219.5847.113.219.6747.113.222.17347.113.223.13547.113.227.13947.113.99.5547.115.203.20447.115.206.447.115.215.3047.115.216.14947.116.211.20747.109.102.9847.109.137.23547.109.44.19547.109.53.24147.109.69.13547.104.230.17347.104.232.11347.105.43.5047.105.68.5047.105.69.3447.105.81.15047.106.138.2547.106.154.9147.106.155.13547.106.250.13947.106.67.13847.106.89.22547.107.115.17747.107.76.19047.108.115.17447.108.153.6947.108.157.15647.108.182.17447.108.197.1447.108.204.21847.108.228.24147.108.238.8247.108.239.8647.108.77.13547.108.84.8447.110.35.5447.111.119.1347.111.135.2147.111.183.4347.113.104.22647.113.145.15147.113.147.21947.113.150.23647.113.177.10447.113.179.17747.106.171.20147.121.132.18247.121.133.13647.121.141.24547.121.179.18047.121.26.6447.122.57.5147.128.239.9347.128.255.19247.115.216.17047.113.186.15047.113.188.23747.113.198.10647.113.199.11047.116.6.22147.116.79.7947.120.13.8547.120.63.14647.120.65.9447.112.227.20047.117.163.17347.113.188.13347.108.180.12147.108.137.1908.134.249.167
目前纷传已更新漏洞如下:
2024-07-22总更新漏洞如下:
1. U8cloud系统MeasureQueryframeAction SQL注入漏洞 2. 用友 GRP-A-Cloud 政府财务云 selectGlaDatasourcePreview SQL注入漏洞 3. 北京致远互联软件股份有限公司AnalyticsCloud分析云存在任意文件读取漏洞
4. 蓝凌KEP前台RCE漏洞
6. 1Panel面板最新前台RCE漏洞(CVE-2024-39911)
7. SuiteCRM系统接口responseEntryPoint存在SQL注入漏洞(CVE-2024-36412)
8. Netgear-WN604接口downloadFile.php信息泄露漏洞(CVE-2024-6646)
9. Nacos远程代码执行漏洞
10. LiveNVR流媒体服务软件接口存在未授权访问漏洞 livenvr 青柿视频管理系统 channeltree 存在未授权访问漏洞
11. fogproject系统接口export.php存在远程命令执行漏洞(CVE-2024-39914)
12. 全息AI网络运维平台ajax_cloud_router_config.php存在命令执行漏洞
13. 广联达OA接口ArchiveWebService存在XML实体注入漏洞
14. 亿赛通数据泄露防护(DLP)系统NetSecConfigAjax SQL 注入 漏洞
15. 亿赛通数据泄露防护(DLP)系统 NoticeAjax SQL 注入漏洞
16. 用友CRM系统import.php任意文件上传漏洞
17. 用友GRP A++Cloud政府财务云存在任意文件读取漏洞
18. 瑞友天翼应用虚拟化系统hmrao.php存在SQL注入漏洞
19. 红海云eHR-PtFjk.mob存在任意文件上传漏洞
20. 福建科立讯通信指挥调度管理平台ajax_users.php存在SQL注入漏洞
21. 泛微OA E-Cology ln.FileDownload文件读取漏洞
22. 大华DSS数字监控系统存在SQL注入漏洞
2024-07-23 总更新如下:
1. TOTOLINK A6000R 命令执行漏洞
2. Sharp 多功能打印机 未授权访问漏洞
3.科讯一卡通管理系统dormitoryHealthRanking存在SQL注入漏洞
4. 泛微E-Mobile-installOperate.do存在SSRF漏洞
5. 科讯一卡通管理系统get_kq_tj_today存在SQL注入漏洞
6. 天问物业ERP系统ContractDownLoad.aspx存在任意文件读取漏洞
7. 润乾报表存在⽂件上传漏洞
8. 华磊科技物流-modifyInsurance-delay-pg-sql注⼊漏
9. 有友NCquerygoodsgridbycode存在SQL注⼊漏洞
10. 万⼾协同办公平台ezofficeDocumentEdit_unite. jspSQL注⼊漏洞
11. 用友NC-Cloud blobRefClassSearch接口存在反序列化漏洞
12. QM-vpn-download-client-任意文件读取
13. Bazarr swaggerui 组件 目录穿越导致任意文件读取漏洞
14. 海康威视综合安防管理平台detection前台远程命令执行
15. 建文工程项目管理软件 SQL 注入漏洞
加入我们,让免杀和内网渗透成为您网络安全职业生涯的利器。 Tips: 每周不定时纷传小圈子都会开启公开课!
-
知识普及:让更多人了解网络安全的基础知识和最新动态。
-
技能提升:为网络安全从业者和爱好者提供实战技能的提升。
-
案例分析:深入剖析国内外网络安全事件,提炼经验教训。
-
攻防演练:模拟攻击与防御场景,提高应对网络威胁的能力。
-
攻击队常用的网络攻击技术与工具。
-
网络攻防演练的策略与实战案例。
-
系统漏洞分析与防御措施。
-
网络安全法律法规与伦理道德。
-
网络安全行业动态与未来趋势。
-
专业的网络安全知识分享。
-
与行业专家的互动交流机会。
-
网络安全防护的实用技巧。
-
网络安全事件的深度解析。
原文始发于微信公众号(TeamSecret安全团队):【2024Hvv情报】日报总结-day3
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论