admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-05-05 10:16:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

Create CVD-2023-2177.md

Browse Source 
add CVD-2023-2177
This commit is contained in:
Goby 2023-04-06 20:07:53 +08:00 committed by GitHub
parent e249f33a88
commit cae8a7e818
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
CVD-2023-2177.md Normal file
View File

@ -0,0 +1,12 @@
## Yonyou NC com.ufsoft.iufo.jiuqi.JiuQiClientReqDispatch Deserialization Command Execution Vulnerability
| **Vulnerability** | **Yonyou NC com.ufsoft.iufo.jiuqi.JiuQiClientReqDispatch Deserialization Command Execution Vulnerability** |
| :----: | :-----|
| **Chinese name** | 用友NC com.ufsoft.iufo.jiuqi.JiuQiClientReqDispatch 反序列化命令执行漏洞 |
| **CVSS core** | 9.8 |
| **FOFA Query** (click to view the results directly)| [app="Yonyou-UFIDA-NC"](https://fofa.info/result?qbase64=YXBwPSJZb255b3UtVUZJREEtTkMi) |
| **Number of assets affected** | 11642 |
| **Description** | PlaySMS is a free and open source SMS gateway software. An input validation error vulnerability existed in PlaySMS versions prior to 1.4.3, which was caused by the program not sanitizing malicious strings. An attacker could exploit this vulnerability to execute arbitrary code. |
| **Impact** | An input validation error vulnerability existed in PlaySMS versions prior to 1.4.3, which was caused by the program not sanitizing malicious strings. An attacker could exploit this vulnerability to execute arbitrary code. |
![](https://s3.bmp.ovh/imgs/2023/04/06/05179a798f7fc68a.gif)