admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-06-20 01:40:20 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add CVE-2020-29552

Browse Source
This commit is contained in:
xiaoheihei1107 2021-08-14 19:01:06 +08:00 committed by GitHub
parent 2d1a611df4
commit 15a23512b4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
URVE/CVE-2020-29552/README.md Normal file
View File

@ -0,0 +1,9 @@
# URVE 2020.03.24 RCE (CVE-2020-29552)
An issue was discovered in URVE Build 24.03.2020. By using the _internal/pc/vpro.php?mac=0&ip=0&operation=0&usr=0&pass=0;powershell+-c+\" substring, it is possible to execute a Powershell command and redirect its output to a file under the web root.
FOFA **query rule**: [body="URVE"](https://fofa.so/result?qbase64=Ym9keT0iVVJWRSI%3D)
# Demo
![URVE_2020_03_24_RCE_CVE_2020_29552](URVE_2020_03_24_RCE_CVE_2020_29552.gif)