From de0050396d82fbc4d5fe09c913a58b1c9bfb8188 Mon Sep 17 00:00:00 2001 From: Goby <50955360+gobysec@users.noreply.github.com> Date: Fri, 14 Jul 2023 11:13:30 +0800 Subject: [PATCH] Create Tianqing_terminal_security_management_system_YII_CSRF_TOKEN_remote_code_execution_vulnerability.md add Tianqing terminal security management system YII_CSRF_TOKEN remote code execution vulnerability --- ...CSRF_TOKEN_remote_code_execution_vulnerability.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 Tianqing_terminal_security_management_system_YII_CSRF_TOKEN_remote_code_execution_vulnerability.md diff --git a/Tianqing_terminal_security_management_system_YII_CSRF_TOKEN_remote_code_execution_vulnerability.md b/Tianqing_terminal_security_management_system_YII_CSRF_TOKEN_remote_code_execution_vulnerability.md new file mode 100644 index 0000000..d701f84 --- /dev/null +++ b/Tianqing_terminal_security_management_system_YII_CSRF_TOKEN_remote_code_execution_vulnerability.md 
@@ -0,0 +1,12 @@ +## Tianqing terminal security management system YII_CSRF_TOKEN remote code execution vulnerability + +| **Vulnerability** | **Tianqing terminal security management system YII_CSRF_TOKEN remote code execution vulnerability** | +| :----: | :-----| +| **Chinese name** | 天擎终端安全管理系统 YII_CSRF_TOKEN 远程代码执行漏洞 | +| **CVSS core** | 9.8 | +| **FOFA Query** (click to view the results directly)| [title="360新天擎" \|\| body="appid\":\"skylar6" \|\| body="/task/index/detail?id={item.id}" \|\| body="已过期或者未授权,购买请联系4008-136-360" \|\| title="360天擎" \|\| title="360天擎终端安全管理系统"](https://en.fofa.info/result?qbase64=dGl0bGU9IjM2MOaWsOWkqeaTjiIgfHwgYm9keT0iYXBwaWRcIjpcInNreWxhcjYiIHx8IGJvZHk9Ii90YXNrL2luZGV4L2RldGFpbD9pZD17aXRlbS5pZH0iIHx8IGJvZHk9IuW3sui%2Fh%2Bacn%2BaIluiAheacquaOiOadg%2B%2B8jOi0reS5sOivt%2BiBlOezuzQwMDgtMTM2LTM2MCIgfHwgdGl0bGU9IjM2MOWkqeaTjiIgfHwgdGl0bGU9IjM2MOWkqeaTjue7iOerr%2BWuieWFqOeuoeeQhuezu%2Be7nyI%3D) | +| **Number of assets affected** | 875 | +| **Description** | Qi Anxin Tianqing is a terminal security management system (referred to as "Tianqing") product of Qi Anxin Group dedicated to integrated terminal security solutions.The web part of Qi'an Xintianqing terminal security management system uses the yii framework. This version of the framework has its own deserialization entry point, and the attacker can execute arbitrary code to obtain server permissions. | +| **Impact** | The web part of Qi'an Xintianqing terminal security management system uses the yii framework. This version of the framework has its own deserialization entry point, and the attacker can execute arbitrary code to obtain server permissions. | + +![](https://s3.bmp.ovh/imgs/2023/07/14/fdc6987a22268e3b.gif)
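Review bot: the advisory table in this hunk never states which product or framework versions are affected, nor where a vendor fix is, even though the Description row says "This version of the framework has its own deserialization entry point"; add an affected-versions row and a remediation/reference row so a reader can tell whether a given deployment is exposed. Smaller issues in the same table: the header `| **CVSS core** | 9.8 |` should read "CVSS score"; the Impact row repeats the second half of the Description row verbatim, so one of the two should describe the consequence (arbitrary code execution giving server-level access) rather than restate the cause; the product name is spelled both "Qi Anxin Tianqing" and "Qi'an Xintianqing" and should be made consistent; and the closing image is hot-linked from s3.bmp.ovh rather than committed to the repository, so it will silently disappear if that host changes.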