From 13e48a87aadf7f4e2acb3d0ea4eedc58dd3ea5c0 Mon Sep 17 00:00:00 2001 From: Goby <50955360+gobysec@users.noreply.github.com> Date: Thu, 7 Sep 2023 22:42:11 +0800 Subject: [PATCH] Update Adobe_ColdFusion_WDDX_C3P0_remote code_execution_vulnerability.md --- ..._ColdFusion_WDDX_C3P0_remote code_execution_vulnerability.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Adobe_ColdFusion_WDDX_C3P0_remote code_execution_vulnerability.md b/Adobe_ColdFusion_WDDX_C3P0_remote code_execution_vulnerability.md index f7303f2..06fc486 100644 --- a/Adobe_ColdFusion_WDDX_C3P0_remote code_execution_vulnerability.md +++ b/Adobe_ColdFusion_WDDX_C3P0_remote code_execution_vulnerability.md @@ -4,7 +4,7 @@ | :----: | :-----| | **Chinese name** | Adobe ColdFusion WDDX C3P0 远程代码执行漏洞 | | **CVSS core** | 9.8 | -| **FOFA Query** (click to view the results directly)| [body="/cfajax/" \| header="CFTOKEN" \| banner="CFTOKEN" \| body="ColdFusion.Ajax" \| body="" \| server="ColdFusion" \| title="ColdFusion" \| (body="crossdomain.xml" && body="CFIDE") \| (body="#000808" && body="#e7e7e7")](https://en.fofa.info/result?qbase64=Ym9keT0iL2NmYWpheC8iIHx8IGhlYWRlcj0iQ0ZUT0tFTiIgfHwgYmFubmVyPSJDRlRPS0VOIiB8fCBib2R5PSJDb2xkRnVzaW9uLkFqYXgiIHx8IGJvZHk9IjxjZnNjcmlwdD4iIHx8IHNlcnZlcj0iQ29sZEZ1c2lvbiIgfHwgdGl0bGU9IkNvbGRGdXNpb24iIHx8IChib2R5PSJjcm9zc2RvbWFpbi54bWwiICYmIGJvZHk9IkNGSURFIikgfHwgKGJvZHk9IiMwMDA4MDgiICYmIGJvZHk9IiNlN2U3ZTciKQ%3D%3D) | +| **FOFA Query** (click to view the results directly)| [body="/cfajax/" \|\| header="CFTOKEN" \|\| banner="CFTOKEN" \|\| body="ColdFusion.Ajax" \|\| body="" \|\| server="ColdFusion" \|\| title="ColdFusion" \|\| (body="crossdomain.xml" && body="CFIDE") \|\| (body="#000808" && body="#e7e7e7")](https://en.fofa.info/result?qbase64=Ym9keT0iL2NmYWpheC8iIHx8IGhlYWRlcj0iQ0ZUT0tFTiIgfHwgYmFubmVyPSJDRlRPS0VOIiB8fCBib2R5PSJDb2xkRnVzaW9uLkFqYXgiIHx8IGJvZHk9IjxjZnNjcmlwdD4iIHx8IHNlcnZlcj0iQ29sZEZ1c2lvbiIgfHwgdGl0bGU9IkNvbGRGdXNpb24iIHx8IChib2R5PSJjcm9zc2RvbWFpbi54bWwiICYmIGJvZHk9IkNGSURFIikgfHwgKGJvZHk9IiMwMDA4MDgiICYmIGJvZHk9IiNlN2U3ZTciKQ%3D%3D) | | **Number of assets affected** | 567468 | | **Description** | Adobe Coldfusion is a commercial application server developed by Adobe for web applications.The attacker can send unbelievable serialized data and trigger derivativeization to the Coldfusion server, thereby executing any code. | | **Impact** | The attacker can execute the code at the server through this vulnerability, obtain the server permissions, and then control the entire web server. |