admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-05-05 10:16:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

add CVE-2021-25646

Browse Source
This commit is contained in:
tardc 2021-02-04 15:30:24 +08:00
parent 6b14df882a
commit 04a873c7af
2 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
Druid/CVE-2021-25646/CVE-2021-25646.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 529 KiB

9
Druid/CVE-2021-25646/README.md Normal file
View File

@ -0,0 +1,9 @@
# CVE-2021-25646 Apache Druid RCE
Apache Druid includes the ability to execute user-provided JavaScript code embedded in various types of requests. This functionality is intended for use in high-trust environments, and is disabled by default. However, in Druid 0.20.0 and earlier, it is possible for an authenticated user to send a specially-crafted request that forces Druid to run user-provided JavaScript code for that request, regardless of server configuration. This can be leveraged to execute code on the target machine with the privileges of the Druid server process.
**[FOFA](https://fofa.so/result?q=title%3D%22Apache%22+%26%26+title%3D%22Druid%22&qbase64=dGl0bGU9IkFwYWNoZSIgJiYgdGl0bGU9IkRydWlkIg%3D%3D&file=&file=) query rule**: title="Apache" && title="Druid"
# Demo
![](CVE-2021-25646.gif)