admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-06-20 18:00:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update GobyVuls-Document.md

Browse Source
This commit is contained in:
Goby 2024-11-20 20:43:31 +08:00 committed by GitHub
parent b27d068d93
commit c506b92a39
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
GobyVuls-Document.md
View File

@ -1,6 +1,19 @@
# Goby History Update Vulnerability Total Document (Continuously Update) # Goby History Update Vulnerability Total Document (Continuously Update)
The following content is an updated vulnerability from Goby. Some of the vulnerabilities are recorded on the screen for easy viewing. The following content is an updated vulnerability from Goby. Some of the vulnerabilities are recorded on the screen for easy viewing.
**Updated document date: November 20, 2024**
## palo-alto-panos /php/utils/createRemoteAppwebSession.php Command Execution Vulnerability (CVE-2024-0012/CVE-2024-9474)
| **Vulnerability** | palo-alto-panos /php/utils/createRemoteAppwebSession.php Command Execution Vulnerability (CVE-2024-0012/CVE-2024-9474)|
| :----: | :-----|
| **Chinese name** | palo-alto-panos /php/utils/createRemoteAppwebSession.php 命令执行漏洞CVE-2024-0012/CVE-2024-9474 |
| **CVSS core** | 9.50 |
| **FOFA Query** (click to view the results directly)| [body="Panos.browser.cookie.set" && body="Panos.browser.param"]
| **Number of assets affected** | 27,397 |
| **Description** |A command execution vulnerability exists in palo-alto-panos, allowing attackers to execute arbitrary commands via the /php/utils/createRemoteAppwebSession.php/.js.map path without authorization, potentially leading to full system control. |
![](https://s3.bmp.ovh/imgs/2024/11/20/849976b81da4b825.gif)
**Updated document date: October 31, 2024** **Updated document date: October 31, 2024**
## Apache Solr /solr/admin/info/properties:/admin/info/key Permission Bypass Vulnerability(CVE-2024-45216) ## Apache Solr /solr/admin/info/properties:/admin/info/key Permission Bypass Vulnerability(CVE-2024-45216)