Weaver-OA E-Cology RCE

2025-05-05 10:16:59 +00:00 · 2021-05-18 10:16:01 +08:00 · 2021-05-18 10:16:01 +08:00 · 5ac958ef79
commit 5ac958ef79
parent a4ab37e847
2 changed files with 11 additions and 0 deletions
--- a/Weaver/Weaver_OA_E-Cology_RCE/README.md
+++ b/Weaver/Weaver_OA_E-Cology_RCE/README.md
@ -0,0 +1,11 @@
+# Weaver-OA e-Cology WorkflowServiceXml RCE
+
+泛微OA办公系统是一款协调办公软件。
+
+泛微协同商务软件系统weaver e-cology 存在命令执行漏洞，攻击者可利用该漏洞获取服务器权限。
+
+**[FOFA](https://fofa.so/result?qbase64=YXBwPSJXZWF2ZXItT0Ei) query rule**: app="Weaver-OA"
+
+# Demo
+
+![](Weaver-OA_WorkflowServiceXml_RCE.gif)
--- a/Weaver/Weaver_OA_E-Cology_RCE/Weaver-OA_WorkflowServiceXml_RCE.gif
+++ b/Weaver/Weaver_OA_E-Cology_RCE/Weaver-OA_WorkflowServiceXml_RCE.gif